f05ea1f2baa281d7221d4458f2a3a6b7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f05ea1f2baa281d7221d4458f2a3a6b7_JaffaCakes118
Size

5.4MB
MD5

f05ea1f2baa281d7221d4458f2a3a6b7
SHA1

2a7b2443f0735c8a55f7c199356e37b48bbf1d4c
SHA256

2df5ffead3ea162020f16a615950fd3974726665d7db5803341fed3feaf4da41
SHA512

84a77bcd8e23d298d7ead50ea4567c73bfb9a0e4c2ed487fa1231723f5fd9da7acc2e05aaf30e9cb248bbc9dffceb65facfc67440b760647989e246dba97510c
SSDEEP

98304:1IdK0EQTCxY7r9mHQdQrOlHcmiuv1Z4N2lYm0hZ5kzJU4uzQumwf:1IdKJQTCxSCCWOlHcmic1ZG22hczJTuN

Score

7^/10

upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
static1/unpack001/Zoiper2Outlook.dll	acprotect

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/Zoiper2Outlook.dll	upx

Unsigned PE 24 IoCs

Checks for missing Authenticode signature.

resource
f05ea1f2baa281d7221d4458f2a3a6b7_JaffaCakes118
unpack001/$PLUGINSDIR/LangDLL.dll
unpack001/$PLUGINSDIR/StartMenu.dll
unpack001/$PLUGINSDIR/System.dll
unpack001/$PLUGINSDIR/UserInfo.dll
unpack001/$PLUGINSDIR/nsDialogs.dll
unpack001/Plugins/Plugin.dll
unpack001/Plugins/YLUSBTEL.dll
unpack001/Zoiper2Outlook.dll
unpack002/out.upx
unpack001/amd64/ZoiPRINTDRV.dll
unpack001/amd64/Zoipres.dll
unpack001/avcodec-52.dll
unpack001/avutil-49.dll
unpack001/i386/ZoiPRINTDRV.dll
unpack001/i386/Zoipres.dll
unpack001/installer32.exe
unpack001/installer64.exe
unpack001/uninstall.exe
unpack004/$PLUGINSDIR/LangDLL.dll
unpack004/$PLUGINSDIR/System.dll
unpack004/$PLUGINSDIR/UserInfo.dll
unpack001/uninstaller32.exe
unpack001/uninstaller64.exe

Files

f05ea1f2baa281d7221d4458f2a3a6b7_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b729b61eb1515fcf7b3e511e4e66258b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileTime
CompareFileTime
SearchPathW
GetShortPathNameW
GetFullPathNameW
MoveFileW
SetCurrentDirectoryW
GetFileAttributesW
GetLastError
CreateDirectoryW
SetFileAttributesW
Sleep
GetTickCount
CreateFileW
GetFileSize
GetModuleFileNameW
GetCurrentProcess
CopyFileW
ExitProcess
GetWindowsDirectoryW
GetTempPathW
GetCommandLineW
SetErrorMode
CloseHandle
lstrlenW
lstrcpynW
GetDiskFreeSpaceW
GlobalUnlock
GlobalLock
CreateThread
LoadLibraryW
CreateProcessW
lstrcmpiA
GetTempFileNameW
lstrcatW
GetProcAddress
LoadLibraryA
GetModuleHandleA
OpenProcess
lstrcpyW
GetVersionExW
GetSystemDirectoryW
GetVersion
lstrcpyA
RemoveDirectoryW
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GlobalFree
GetModuleHandleW
LoadLibraryExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
WideCharToMultiByte
MulDiv
lstrlenA
WriteFile
ReadFile
MultiByteToWideChar
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
lstrcpynA

user32

ScreenToClient
GetMessagePos
CallWindowProcW
IsWindowVisible
LoadBitmapW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
GetWindowRect
AppendMenuW
CreatePopupMenu
GetSystemMetrics
EndDialog
EnableMenuItem
GetSystemMenu
SetClassLongW
IsWindowEnabled
SetWindowPos
DialogBoxParamW
CheckDlgButton
CreateWindowExW
SystemParametersInfoW
RegisterClassW
SetDlgItemTextW
GetDlgItemTextW
MessageBoxIndirectW
CharNextA
CharUpperW
CharPrevW
DispatchMessageW
PeekMessageW
wsprintfA
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
LoadCursorW
SetCursor
GetWindowLongW
GetSysColor
CharNextW
GetClassInfoW
ExitWindowsEx
FindWindowExW
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
GetClientRect
FillRect
DrawTextW
EndPaint
IsWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectW
SetBkMode
SetTextColor
SelectObject

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFileInfoW
ShellExecuteW
SHFileOperationW
SHGetSpecialFolderLocation

advapi32

RegEnumKeyW
RegOpenKeyExW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegEnumValueW

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 409KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 1.7MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/LangDLL.dll
.dll windows:5 windows x86 arch:x86

e981c0ab92cb1f191bb5e23392e14796

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalFree
lstrlenW
GlobalAlloc
lstrcmpW
GetModuleHandleW
MulDiv
lstrcpyW
lstrcpynW

user32

SetWindowTextW
SetDlgItemTextW
EndDialog
SendDlgItemMessageW
DialogBoxParamW
LoadIconW
SendMessageW
ShowWindow
GetDC

gdi32

CreateFontIndirectW
GetDeviceCaps
DeleteObject

Exports

Exports

LangDialog

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 729B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 350B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/StartMenu.dll
.dll windows:5 windows x86 arch:x86

b1d9539c7cfd95718179dedb471b482f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FindFirstFileW
lstrcatW
lstrcpyW
MulDiv
GetModuleHandleW
lstrcmpW
GlobalFree
lstrcpynW
GlobalAlloc
FindNextFileW
lstrcmpiW
FindClose

user32

PostMessageW
CallWindowProcW
GetWindowLongW
IsDialogMessageW
CheckDlgButton
ShowWindow
LoadIconW
GetClientRect
MoveWindow
ScreenToClient
GetWindowRect
ReleaseDC
GetDC
EnableWindow
SetWindowTextW
IsDlgButtonChecked
GetWindowTextW
GetDlgItem
wsprintfW
CreateDialogParamW
GetMessageW
TranslateMessage
DispatchMessageW
DestroyWindow
SetWindowLongW
SendMessageW

gdi32

GetTextMetricsW
SelectObject

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListW

ole32

CoTaskMemFree

Exports

Exports

Init
Select
Show

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:5 windows x86 arch:x86

6c41c5e4d44f55745b925cc4e42b7fab

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyW
lstrcpynW
GetProcAddress
WideCharToMultiByte
lstrcatW
LoadLibraryW
GetModuleHandleW
MultiByteToWideChar
VirtualAlloc
VirtualProtect
lstrlenW
FreeLibrary

user32

wsprintfW

ole32

CLSIDFromString
StringFromGUID2

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 899B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 574B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/UserInfo.dll
.dll windows:5 windows x86 arch:x86

45d25ca52c312b2254c60dbcb30342d1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVersion
GetCurrentThread
GetCurrentProcess
GetModuleHandleW
GetProcAddress
GetLastError
GlobalFree
CloseHandle
lstrcpynW
GlobalAlloc

advapi32

OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
GetUserNameW
OpenThreadToken

Exports

Exports

GetAccountType
GetName
GetOriginalAccountType

Sections

.text
Size: 1024B - Virtual size: 696B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 753B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 240B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/modern-wizard.bmp
$PLUGINSDIR/nsDialogs.dll
.dll windows:5 windows x86 arch:x86

9ea5bdc8c90dfcffe309465c26c89758

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
MulDiv
lstrlenW
HeapFree
GetProcessHeap
lstrcmpiW
HeapReAlloc
lstrcpynW
GetFileAttributesW
lstrcpyW
GetCurrentDirectoryW
SetCurrentDirectoryW
HeapAlloc
GlobalFree

user32

LoadCursorW
RemovePropW
DrawFocusRect
GetPropW
DrawTextW
GetWindowTextW
GetDlgItem
SetWindowLongW
SetWindowPos
CreateDialogParamW
MapWindowPoints
GetWindowRect
SetCursor
CreateWindowExW
IsWindow
SetTimer
KillTimer
DispatchMessageW
TranslateMessage
GetMessageW
IsDialogMessageW
ShowWindow
wsprintfW
GetClientRect
CharPrevW
CallWindowProcW
SetPropW
DestroyWindow
MapDialogRect
CharNextW
SendMessageW
GetWindowLongW

gdi32

SetTextColor

shell32

SHGetPathFromIDListW
SHBrowseForFolderW

comdlg32

GetSaveFileNameW
CommDlgExtendedError
GetOpenFileNameW

ole32

CoTaskMemFree

Exports

Exports

Create
CreateControl
CreateItem
CreateTimer
GetUserData
KillTimer
OnBack
OnChange
OnClick
OnNotify
SelectFileDialog
SelectFolderDialog
SetRTL
SetUserData
Show

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 590B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Avatars/avatar_01.jpg
.jpg
Avatars/avatar_02.jpg
.jpg
Avatars/avatar_03.jpg
.jpg
Avatars/avatar_04.jpg
.jpg
Avatars/avatar_05.jpg
.jpg
Avatars/avatar_06.jpg
.jpg
Avatars/avatar_07.jpg
.jpg
Avatars/avatar_08.jpg
.jpg
Avatars/avatar_09.jpg
.jpg
Avatars/avatar_10.jpg
.jpg
Avatars/avatar_11.jpg
.jpg
Plugins/Plugin.dll
.dll windows:4 windows x86 arch:x86

04f0fd2f10e78ee383395e1c3cbf2981

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

oleaut32

SysFreeString
SysReAllocStringLen
SysAllocStringLen
SafeArrayPtrOfIndex
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayCreate
VariantChangeType
VariantCopy
VariantClear
VariantInit

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

user32

GetKeyboardType
DestroyWindow
LoadStringA
MessageBoxA
CharNextA
MessageBoxA
LoadStringA
GetSystemMetrics
CharNextA
CharToOemA

kernel32

GetACP
Sleep
VirtualFree
VirtualAlloc
GetCurrentThreadId
InterlockedDecrement
InterlockedIncrement
VirtualQuery
WideCharToMultiByte
MultiByteToWideChar
lstrlenA
lstrcpynA
LoadLibraryExA
GetThreadLocale
GetStartupInfoA
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLocaleInfoA
GetCommandLineA
FreeLibrary
FindFirstFileA
FindClose
ExitProcess
WriteFile
UnhandledExceptionFilter
RtlUnwind
RaiseException
GetStdHandle
TlsSetValue
TlsGetValue
TlsFree
TlsAlloc
LocalFree
LocalAlloc
WriteFile
WaitForSingleObject
VirtualQuery
SetEvent
ResetEvent
LoadLibraryA
LeaveCriticalSection
InitializeCriticalSection
GetVersionExA
GetThreadLocale
GetStdHandle
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLocaleInfoA
GetLocalTime
GetLastError
GetDiskFreeSpaceA
GetDateFormatA
GetCurrentThreadId
GetCPInfo
FreeLibrary
FormatMessageA
EnumCalendarInfoA
EnterCriticalSection
DeleteCriticalSection
CreateEventA
CompareStringA
CloseHandle
Sleep

Exports

Exports

CallPickup
CloseDevice
Dial
Flash
GetName
GetVersion
Hangup
OpenDevice
Poll
SelectLine
SetCallerMsg
SetDialTone
SetFailedMsg
SetHold
SetMsg
SetMute
SetOnHook
SetRing
SetSpeakerPhone
SetTalkingMsg
SetWaitforAnswerMsg

Sections

.text
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 1024B - Virtual size: 704B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 18KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 485B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Plugins/YLUSBTEL.dll
.dll windows:5 windows x86 arch:x86

acfb0dc0c5938511745720984ceb9253

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

RtlUnwind
HeapReAlloc
GetCommandLineA
GetSystemTimeAsFileTime
ExitProcess
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStdHandle
GetModuleFileNameA
TerminateProcess
IsDebuggerPresent
HeapCreate
HeapDestroy
VirtualFree
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetHandleCount
GetFileType
FindFirstFileW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTimeZoneInformation
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetStdHandle
GetFileTime
SetEnvironmentVariableW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
FindClose
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WritePrivateProfileStringW
GlobalFlags
FileTimeToSystemTime
GetThreadLocale
lstrlenA
SetErrorMode
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
InterlockedExchange
LoadLibraryW
CompareStringW
LoadLibraryA
lstrcmpW
GetVersionExA
GetFileSizeEx
GetFileAttributesW
FileTimeToLocalFileTime
SetEnvironmentVariableA
GetVolumeInformationW
FreeResource
GetModuleHandleA
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
MulDiv
CreateFileW
GetCommandLineW
CopyFileW
WideCharToMultiByte
GetFullPathNameW
GetFileAttributesExW
GetTickCount
ReadFile
WriteFile
GetOverlappedResult
LocalAlloc
LocalFree
CancelIo
GetPrivateProfileIntW
GetPrivateProfileStringW
ReleaseMutex
CreateMutexW
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
HeapFree
SetLastError
GetProcessHeap
HeapAlloc
GetCurrentProcess
FlushInstructionCache
CreateEventW
CreateThread
SetEvent
ResetEvent
WaitForSingleObject
TerminateThread
GetVersionExW
LoadLibraryExW
MultiByteToWideChar
FreeLibrary
UnmapViewOfFile
CloseHandle
lstrcmpiW
GetModuleHandleW
GetProcAddress
InterlockedDecrement
InterlockedIncrement
GetLastError
LeaveCriticalSection
EnterCriticalSection
CreateFileMappingW
MapViewOfFile
DeleteCriticalSection
InitializeCriticalSection
RaiseException
lstrlenW
GetModuleFileNameW
GetLocalTime
GetCurrentThreadId
GetCurrentProcessId
OutputDebugStringW
QueryPerformanceFrequency
QueryPerformanceCounter
Sleep
FindResourceW
LoadResource
LockResource
GetStartupInfoA
SizeofResource

user32

SetCapture
InvalidateRgn
InvalidateRect
SetRect
IsRectEmpty
CopyAcceleratorTableW
CharUpperW
DestroyMenu
GetSysColorBrush
UnregisterClassW
SetWindowContextHelpId
MapDialogRect
GetWindowThreadProcessId
SetCursor
GetCursorPos
ValidateRect
MoveWindow
IsDialogMessageW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuW
EnableMenuItem
CheckMenuItem
RegisterWindowMessageW
LoadIconW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
SetFocus
GetWindowTextW
ReleaseCapture
GetLastActivePopup
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
GetKeyState
SetMenu
SetForegroundWindow
UpdateWindow
MessageBoxW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
PtInRect
GetDlgCtrlID
GetMenu
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetSystemMetrics
GetWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
GetDlgItem
IsWindowEnabled
GetParent
GetNextDlgTabItem
EndDialog
GetSysColor
GetWindowDC
ClientToScreen
GetNextDlgGroupItem
MessageBeep
RegisterClipboardFormatW
GetForegroundWindow
GrayStringW
DrawTextExW
TabbedTextOutW
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
LoadStringW
PostQuitMessage
SetWindowTextW
InflateRect
EndPaint
BeginPaint
AnimateWindow
SetWindowPos
IsWindowVisible
RedrawWindow
ShowWindow
GetClientRect
PostMessageW
GetWindowLongW
SendMessageW
GetMessageW
TranslateMessage
DispatchMessageW
SystemParametersInfoW
SendMessageTimeoutW
GetClassInfoExW
SetWindowLongW
IsWindow
PeekMessageW
GetDesktopWindow
EnableWindow
KillTimer
SetTimer
CharNextW
DrawTextW
OffsetRect
DestroyWindow
LoadImageW
LoadCursorW
RegisterClassExW
CreateWindowExW
GetDC
ReleaseDC
LoadBitmapW
FillRect
CopyRect
DefWindowProcW
CallWindowProcW
PostThreadMessageW
MapWindowPoints
UnregisterClassA

gdi32

GetWindowExtEx
CreateRectRgnIndirect
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
CreateBitmap
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetTextExtentPoint32W
GetViewportExtEx
GetClipBox
SetMapMode
RestoreDC
SaveDC
GetDeviceCaps
SetBkMode
CreateSolidBrush
SetTextAlign
SetBkColor
SetTextColor
CreateDIBSection
GetStockObject
CreateFontIndirectW
CreateCompatibleBitmap
DeleteObject
BitBlt
CreateCompatibleDC
DeleteDC
GetObjectW
SelectObject

comdlg32

GetFileTitleW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

FreeSid
RegQueryValueExW
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
AllocateAndInitializeSid
SetEntriesInAclW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegCreateKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCloseKey

shlwapi

PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathFindExtensionW

oledlg

OleUIBusyW

ole32

CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CoInitialize
CoUninitialize
CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
CLSIDFromString
CLSIDFromProgID

oleaut32

SysAllocString
OleCreateFontIndirect
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
SysFreeString
VarUI4FromStr
SysStringLen
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
VariantCopy

winmm

waveOutOpen
waveOutClose
waveOutRestart
waveOutPrepareHeader
waveOutWrite
waveOutPause
waveOutReset
waveOutUnprepareHeader
mixerSetControlDetails
mixerOpen
mixerGetNumDevs
mixerGetDevCapsW
waveInGetNumDevs
waveOutGetNumDevs
mixerGetLineInfoW
mixerGetLineControlsW
mixerGetControlDetailsW
waveInGetDevCapsW
waveOutGetDevCapsW
mixerClose

hid

HidD_GetAttributes
HidD_GetProductString
HidD_GetIndexedString
HidD_SetFeature
HidD_GetPreparsedData
HidP_GetCaps
HidD_FreePreparsedData
HidD_GetHidGuid

dsound

ord1
ord3

setupapi

SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsW
SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInterfaces

Exports

Exports

YL_DeviceIoControl

Sections

.text
Size: 418KB - Virtual size: 418KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Zoiper.exe
.exe windows:5 windows x86 arch:x86

76fce562d35f53fd4d27602e62cc5bcc

Code Sign

01
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

01/08/1996, 00:00

Not After

31/12/2020, 23:59

Subject

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

0a
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

06/08/2003, 00:00

Not After

05/08/2013, 23:59

Subject

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

04:89:c4:32:7f:6e:5e:3d:7a:a0:4a:27:33:e6:90:6e
Certificate

Issuer

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Not Before

27/11/2009, 00:00

Not After

27/11/2010, 23:59

Subject

CN=SECURAX,O=SECURAX,L=Sofia,ST=Sofia,C=BG

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\CABOB\Code\Zoiper 3 New\Zoiper3\Win32\ReleaseStatic\Zoiper.exe.pdb

Imports

shlwapi

SHDeleteValueW
SHDeleteKeyW
SHGetValueW
SHSetValueW

tapi32

lineTranslateAddressW

mapi32

ord21
ord23
ord11
ord17

iphlpapi

NotifyRouteChange
GetIpAddrTable
GetBestRoute
GetNetworkParams

winmm

waveOutGetNumDevs
waveOutGetDevCapsW
waveInGetNumDevs
waveInGetDevCapsW
mixerOpen
waveOutClose
waveInClose
waveOutWrite
waveOutPause
waveOutGetPosition
waveOutRestart
waveOutReset
waveInPrepareHeader
waveInOpen
waveInAddBuffer
waveInReset
waveOutGetDevCapsA
waveOutUnprepareHeader
waveInUnprepareHeader
waveOutOpen
waveInGetErrorTextA
waveInGetDevCapsA
waveOutPrepareHeader
waveOutGetErrorTextA
waveInStart
mixerSetControlDetails
mixerGetControlDetailsA
waveOutGetVolume
mixerClose
mixerGetLineInfoA
mixerGetLineControlsA
waveOutSetVolume
timeGetTime

comctl32

ord17
ImageList_Destroy
ImageList_GetImageCount
ImageList_GetIconSize
ImageList_Add
ImageList_AddMasked
ImageList_ReplaceIcon
ImageList_Draw
ord16
CreateStatusWindowW
ImageList_BeginDrag
ImageList_SetDragCursorImage
ImageList_EndDrag
ImageList_DragMove
ImageList_DragEnter
ImageList_DragLeave
ImageList_Create

wldap32

ord34
ord38
ord200
ord301
ord32
ord143
ord45
ord195
ord26
ord27
ord41
ord46
ord33

setupapi

SetupDiEnumDeviceInfo
SetupDiGetDeviceInstanceIdW
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsW
SetupDiGetDeviceRegistryPropertyW

avutil-49

ord29

avcodec-52

ord85
ord69
ord82
ord102
ord79
ord71
ord76
ord87
ord89
ord101
ord105
ord73

kernel32

TlsFree
GetExitCodeProcess
PeekNamedPipe
CreateProcessW
GetUserDefaultLCID
GetACP
IsValidLocale
FileTimeToLocalFileTime
FileTimeToSystemTime
SystemTimeToFileTime
GetTempFileNameW
GetTempPathW
GetFileSize
GetStdHandle
OutputDebugStringW
GetComputerNameW
GetEnvironmentVariableW
GetModuleFileNameW
GetModuleHandleW
SetEnvironmentVariableW
TerminateProcess
GlobalMemoryStatus
IsValidCodePage
GetCPInfo
RaiseException
SetErrorMode
GetCommandLineW
LocalAlloc
SetLastError
GlobalAlloc
GlobalFree
GlobalLock
GlobalSize
GlobalUnlock
HeapSize
GetCommandLineA
GetStartupInfoA
GetSystemTimeAsFileTime
UnhandledExceptionFilter
IsDebuggerPresent
HeapReAlloc
MoveFileW
DeleteFileW
CreateDirectoryW
GetFullPathNameW
GetDriveTypeA
GetFullPathNameA
SetStdHandle
ExitThread
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetFilePointer
WriteConsoleW
RtlUnwind
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetCurrentThread
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
VirtualAlloc
GetOEMCP
LCMapStringA
LCMapStringW
SetConsoleCtrlHandler
InterlockedExchange
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetTimeFormatA
GetDateFormatA
GetCurrentDirectoryA
GetLocaleInfoA
TlsAlloc
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
GetModuleHandleA
CompareStringW
SetEnvironmentVariableA
SetEndOfFile
CompareStringA
GetVersionExA
QueryPerformanceFrequency
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
GetSystemTime
GetLocalTime
OutputDebugStringA
GetSystemDirectoryA
CreateSemaphoreA
CreateMutexA
FormatMessageA
FindFirstFileA
FindNextFileA
CreateEventA
GetEnvironmentVariableA
ResetEvent
WaitForMultipleObjects
ExpandEnvironmentStringsA
GetVersion
TryEnterCriticalSection
FlushConsoleInputBuffer
SleepEx
lstrcmpW
Sleep
GetExitCodeThread
TerminateThread
SetThreadPriority
ExitProcess
TlsSetValue
InterlockedDecrement
InterlockedIncrement
ReleaseSemaphore
CreateSemaphoreW
ReleaseMutex
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
WideCharToMultiByte
MultiByteToWideChar
GetLocaleInfoW
GetThreadLocale
GetTimeZoneInformation
FindNextFileW
FindFirstFileW
FindClose
GetFileType
GetWindowsDirectoryW
SetCurrentDirectoryW
CopyFileW
GetFileAttributesW
LocalFree
FormatMessageW
ExpandEnvironmentStringsW
GetVolumeInformationA
GetVersionExW
DeviceIoControl
CreateFileA
CreateThread
CreateEventW
SetEvent
WaitForSingleObject
WriteFile
CreateMailslotW
ReadFile
HeapFree
GetProcessHeap
HeapAlloc
GetLastError
GetShortPathNameW
SetFileAttributesW
SetUnhandledExceptionFilter
CloseHandle
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetProcAddress
LoadLibraryW
GetCurrentThreadId
CreateFileW
InterlockedCompareExchange
GetFileInformationByHandle
DeleteFileA
ReadConsoleInputA
SetConsoleMode
TlsGetValue
EnumSystemLocalesA
ResumeThread
GetFileTime

user32

VkKeyScanW
GetAsyncKeyState
GetActiveWindow
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
RegisterHotKey
UnregisterHotKey
CreateDialogParamW
GetDlgItem
GetForegroundWindow
CreateDialogIndirectParamW
BringWindowToTop
IsZoomed
IsIconic
GetDesktopWindow
GetSystemMenu
SetWindowRgn
AdjustWindowRectEx
FlashWindow
CheckMenuRadioItem
CheckMenuItem
DestroyAcceleratorTable
CreateAcceleratorTableW
TranslateAcceleratorW
SetTimer
KillTimer
SetMenu
GetUpdateRect
BeginPaint
DrawIcon
EndPaint
DestroyCursor
GetWindowDC
keybd_event
OpenClipboard
IsClipboardFormatAvailable
CloseClipboard
HideCaret
RegisterClipboardFormatW
GetMessagePos
DrawTextW
DrawFocusRect
ChildWindowFromPoint
ValidateRect
GetMessageW
CopyRect
OffsetRect
UnionRect
DrawStateW
DrawEdge
DefFrameProcW
TranslateMDISysAccel
DefMDIChildProcW
GetMenuStringW
ChangeDisplaySettingsW
EnumDisplaySettingsW
SetClipboardData
ShowCursor
MessageBoxA
GetUserObjectInformationW
GetProcessWindowStation
InvalidateRect
SetWindowTextW
InflateRect
IsWindowVisible
IsWindowEnabled
IsDialogMessageW
CallWindowProcW
TrackPopupMenu
PostQuitMessage
MoveWindow
DeferWindowPos
ClientToScreen
ScreenToClient
UpdateWindow
RedrawWindow
SetParent
GetMenuItemInfoW
IsWindow
ScrollWindow
SetScrollInfo
GetScrollInfo
SetCursorPos
PtInRect
GetCapture
ReleaseCapture
SetCapture
ShowWindow
EnableWindow
GetFocus
SetFocus
EnableMenuItem
GetSubMenu
GetMenuItemCount
AppendMenuW
CreateMenu
DrawMenuBar
GetMenuState
ModifyMenuW
RemoveMenu
InsertMenuW
InsertMenuItemW
DestroyMenu
CreatePopupMenu
SetMenuItemInfoW
GetClassNameW
GetWindowTextW
GetWindowTextLengthW
GetCursorPos
DispatchMessageW
TranslateMessage
LoadIconW
LoadImageW
DestroyIcon
GetSystemMetrics
LoadBitmapW
DrawIconEx
DrawFrameControl
FillRect
GetClientRect
CreateIconIndirect
ReleaseDC
GetDC
GetIconInfo
GetKeyState
UnregisterClassW
RegisterWindowMessageW
SetForegroundWindow
SetCursor
LoadCursorW
DdeGetLastError
DdeFreeStringHandle
DdeQueryStringW
DdeCreateStringHandleW
DdeCreateDataHandle
DdePostAdvise
DdeFreeDataHandle
DdeGetData
DdeClientTransaction
DdeDisconnect
DdeConnect
DdeNameService
DdeUninitialize
DdeInitializeW
CreateWindowExW
RegisterClassW
MessageBeep
PostMessageW
PeekMessageW
WaitForInputIdle
DefWindowProcW
DestroyWindow
PostThreadMessageW
MessageBoxW
SetWindowPos
GetParent
MapWindowPoints
GetWindowRect
SetWindowLongW
GetWindowLongW
RegisterDeviceNotificationW
FlashWindowEx
SendMessageW
EndDeferWindowPos
GetMessageTime
BeginDeferWindowPos
GetWindow
GetUpdateRgn
WindowFromPoint
GetSysColor
SystemParametersInfoW

gdi32

GetClipBox
ExtSelectClipRgn
CreateRectRgn
SelectClipRgn
GetDeviceCaps
SetMapMode
CreateSolidBrush
SetViewportExtEx
SetWindowExtEx
SetViewportOrgEx
SetWindowOrgEx
ExtFloodFill
GetPixel
Pie
Arc
SetPixel
SetPolyFillMode
Polygon
GetTextMetricsW
SelectPalette
SetTextColor
GetBkColor
GetTextColor
SetStretchBltMode
SetBkMode
SetROP2
SetBrushOrgEx
CreateFontIndirectW
TextOutW
MaskBlt
RealizePalette
GetStockObject
PolyBezier
Ellipse
GetPaletteEntries
SetBkColor
BitBlt
SelectObject
DeleteDC
RoundRect
Rectangle
CreateCompatibleDC
CreateCompatibleBitmap
CreateBitmap
GetObjectW
PolyPolygon
DeleteObject
GetTextExtentPoint32W
GetCharABCWidthsW
GetTextExtentExPointW
StretchDIBits
StretchBlt
CreatePalette
GetNearestPaletteIndex
CreatePatternBrush
CreateHatchBrush
CreatePen
ExtCreatePen
MoveToEx
LineTo
GetRegionData
ExtCreateRegion
OffsetRgn
CombineRgn
GetRgnBox
EqualRgn
PtInRegion
RectInRegion
GdiFlush
ExcludeClipRect
SaveDC
RestoreDC
CreateRectRgnIndirect
SetTextAlign
CreateDIBSection
GetDIBits
GetDIBColorTable
CreateDIBitmap
PatBlt
CreateICW
EnumFontFamiliesExW
GetEnhMetaFileW
CopyEnhMetaFileW
DeleteEnhMetaFile
SetAbortProc
CreateDCW
StartDocW
EndDoc
StartPage
EndPage
GetBitmapBits
GetObjectA
CreateDCA
Polyline

comdlg32

PageSetupDlgW
PrintDlgW
ChooseFontW
ChooseColorW
CommDlgExtendedError
GetSaveFileNameW
GetOpenFileNameW

advapi32

RegisterEventSourceA
ReportEventA
DeregisterEventSource
RegOpenKeyExA
RegQueryValueExA
GetUserNameA
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
GetUserNameW

shell32

SHBrowseForFolderW
DragFinish
DragQueryPoint
DragQueryFileW
DragAcceptFiles
ExtractIconW
ExtractIconExW
Shell_NotifyIconW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetMalloc
ShellExecuteExW
ShellExecuteW

ole32

OleInitialize
OleUninitialize
CoCreateGuid
StringFromGUID2
ReleaseStgMedium
CoLockObjectExternal
CoCreateInstance
RevokeDragDrop
OleIsCurrentClipboard
OleSetClipboard
OleFlushClipboard
OleGetClipboard
CoUninitialize
RegisterDragDrop
CoFreeUnusedLibraries
CoInitialize
CoTaskMemAlloc
CoTaskMemFree
CoInitializeEx

oleaut32

SysFreeString
SysAllocString

dnsapi

DnsRecordListFree
DnsQuery_UTF8

secur32

DeleteSecurityContext
InitializeSecurityContextA
AcquireCredentialsHandleW
FreeCredentialsHandle

crypt32

CertCloseStore
CertNameToStrA
CertEnumCertificatesInStore
CertOpenSystemStoreA

ws2_32

socket
gethostbyname
inet_addr
gethostname
getsockname
bind
listen
accept
getprotobyname
shutdown
WSASend
getsockopt
WSACleanup
WSAIoctl
connect
WSAGetLastError
htons
recv
__WSAFDIsSet
ioctlsocket
closesocket
recvfrom
sendto
ntohs
getservbyport
getservbyname
WSASetLastError
setsockopt
select
htonl
ntohl
inet_ntoa
WSAStartup
send
gethostbyaddr

Sections

.text
Size: 5.0MB - Virtual size: 5.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 326KB - Virtual size: 2.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 440KB - Virtual size: 439KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Zoiper.zss
Zoiper2Outlook.dll
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

UPX0
Size: - Virtual size: 456KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 240KB - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.text
Size: 540KB - Virtual size: 539KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 19KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 171B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ZoiperCommunicatorExtension.xpi
.zip
chrome.manifest
chrome/zoiper/content/selectDialog.xul
.xml
chrome/zoiper/content/settingsDialog.xul
.xml
chrome/zoiper/content/zoiper.css
chrome/zoiper/content/zoiper.js
.js
chrome/zoiper/content/zoiper.png
.png
chrome/zoiper/content/zoiperOverlay.xul
.xml
chrome/zoiper/content/zoiper_large.png
.png
chrome/zoiper/content/zoiper_small.png
.png
install.rdf
.xml
amd64/ZoiPRINTDRV.dll
.dll windows:6 windows x64 arch:x64

075aced91b4c2498981ef6646453eb3d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

d:\prj\zoiprint\amd64\ZOIPRINTDRV.pdb

Imports

msvcrt

sqrt
atan2
fclose
fwrite
fopen
floor
pow
_lfind
log
fprintf
qsort
sprintf
vsprintf
memset
memcpy
strncmp
exp
rand
bsearch
__C_specific_handler
_amsg_exit
free
_initterm
malloc
_XcptFilter
_vsnwprintf
wcsstr
memmove
_vsnprintf
??2@YAPEAX_K@Z
??3@YAXPEAX@Z

kernel32

FreeLibrary
CreateFileW
LocalAlloc
LocalFree
GlobalSize
GlobalFree
GlobalAlloc
CreateFileA
UnmapViewOfFile
CreateFileMappingA
SetLastError
WideCharToMultiByte
GetSystemTimeAsFileTime
MoveFileW
LoadLibraryW
CloseHandle
Sleep
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
ReadFile
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
FormatMessageW
GetLastError
CreateDirectoryW
GetLocalTime
WriteFile
GetCurrentThread
GetCurrentProcessId
MapViewOfFile
GetFileSize
SetFilePointer

advapi32

LookupPrivilegeValueW
CreateProcessAsUserW
ImpersonateLoggedOnUser
DuplicateTokenEx
OpenThreadToken
AdjustTokenPrivileges

userenv

DestroyEnvironmentBlock
CreateEnvironmentBlock

shlwapi

AssocQueryStringByKeyW
AssocQueryKeyW

user32

GetFocus
MessageBoxA
MessageBoxW
DialogBoxParamW
EndDialog
GetWindowLongPtrW
GetDlgItem
SendMessageW
GetWindowTextW
SetWindowLongPtrW
SetFocus

shell32

SHGetFolderPathW

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 234KB - Virtual size: 234KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
amd64/Zoipres.dll
.dll windows:5 windows x64 arch:x64

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
amd64/Zoiprint.gpd
amd64/Zoiprint.ini
avcodec-52.dll
.dll windows:4 windows x86 arch:x86

99bdd1e31eb43370332c2226d21c65ec

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetModuleHandleA
GetProcAddress
InitializeCriticalSection
InterlockedExchange
IsDBCSLeadByteEx
LeaveCriticalSection
MultiByteToWideChar
Sleep
WideCharToMultiByte

msvcrt

_open
_tempnam
__dllonexit
__lc_codepage
__mb_cur_max
_assert
_errno
abort
acos
asin
atan
ceil
cos
cosh
exp
fflush
floor
fputc
free
getenv
isprint
isspace
localeconv
log
malloc
memcpy
memmove
memset
pow
qsort
sin
sinh
sscanf
strchr
strcmp
strlen
strtol
tan
tanh
toupper
wcslen

avutil-49

av_d2q
av_free
av_freep
av_log
av_log_get_level
av_malloc
av_mallocz
av_realloc
av_reduce
av_strdup
ff_gcd
ff_log2_tab
ff_sqrt_tab
ff_log2_tab
ff_log2_tab
ff_log2_tab
ff_log2_tab
ff_log2_tab
ff_log2_tab
ff_log2_tab
ff_log2_tab
ff_log2_tab
ff_log2_tab
ff_log2_tab
ff_log2_tab
ff_log2_tab
ff_log2_tab
ff_log2_tab
ff_log2_tab
ff_log2_tab
ff_log2_tab
ff_log2_tab
ff_log2_tab
ff_log2_tab
ff_log2_tab
ff_log2_tab
ff_log2_tab
ff_log2_tab
ff_log2_tab
ff_log2_tab
ff_log2_tab
ff_log2_tab
ff_log2_tab
ff_log2_tab
ff_log2_tab
ff_log2_tab
ff_log2_tab
ff_log2_tab
ff_log2_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab

Exports

Exports

DCtab_chrom
DCtab_lum
MPV_common_defaults
MPV_common_end
MPV_common_init
MPV_common_init_mmx
MPV_decode_defaults
MPV_decode_mb
MPV_encode_end
MPV_encode_init
MPV_encode_picture
MPV_frame_end
MPV_frame_start
_get_output_format
add_pixels_clamped_mmx
align_put_bits
alloc_picture
audio_resample
audio_resample_close
audio_resample_init
av_audio_convert
av_audio_convert_alloc
av_audio_convert_free
av_bitstream_filter_close
av_bitstream_filter_filter
av_bitstream_filter_init
av_bitstream_filter_next
av_build_filter
av_codec_next
av_fast_realloc
av_find_opt
av_first_parser
av_get_bits_per_sample
av_get_bits_per_sample_format
av_get_double
av_get_int
av_get_pict_type_char
av_get_q
av_get_string
av_log_missing_feature
av_next_option
av_opt_set_defaults
av_opt_set_defaults2
av_opt_show
av_parse_video_frame_rate
av_parse_video_frame_size
av_parser_change
av_parser_close
av_parser_init
av_parser_next
av_parser_parse
av_picture_copy
av_picture_crop
av_picture_pad
av_register_bitstream_filter
av_register_codec_parser
av_resample
av_resample_close
av_resample_compensate
av_resample_init
av_set_double
av_set_int
av_set_q
av_set_string
av_set_string2
av_tempfile
av_xiphlacing
avcodec_align_dimensions
avcodec_alloc_context
avcodec_alloc_context2
avcodec_alloc_frame
avcodec_check_dimensions
avcodec_close
avcodec_decode_audio2
avcodec_decode_subtitle
avcodec_decode_video
avcodec_default_execute
avcodec_default_free_buffers
avcodec_default_get_buffer
avcodec_default_get_format
avcodec_default_reget_buffer
avcodec_default_release_buffer
avcodec_encode_audio
avcodec_encode_subtitle
avcodec_encode_video
avcodec_find_best_pix_fmt
avcodec_find_decoder
avcodec_find_decoder_by_name
avcodec_find_encoder
avcodec_find_encoder_by_name
avcodec_flush_buffers
avcodec_get_chroma_sub_sample
avcodec_get_context_defaults
avcodec_get_context_defaults2
avcodec_get_frame_defaults
avcodec_get_pix_fmt
avcodec_get_pix_fmt_loss
avcodec_get_pix_fmt_name
avcodec_get_sample_fmt
avcodec_get_sample_fmt_name
avcodec_init
avcodec_open
avcodec_pix_fmt_string
avcodec_pix_fmt_to_codec_tag
avcodec_register_all
avcodec_sample_fmt_string
avcodec_set_dimensions
avcodec_string
avcodec_thread_init
avcodec_version
avpicture_alloc
avpicture_deinterlace
avpicture_fill
avpicture_free
avpicture_get_size
avpicture_layout
cbpy_tab
copy_picture
dct_quantize_c
dct_quantize_trellis_c
denoise_dct_c
dsputil_init
dsputil_init_mmx
dsputil_init_pix_mmx
dsputil_static_init
dsputilenc_init_mmx
fdct_ifast
fdct_ifast248
ff_aic_dc_scale_table
ff_alternate_horizontal_scan
ff_alternate_vertical_scan
ff_avg_cavs_qpel16_mc00_mmx2
ff_avg_cavs_qpel8_mc00_mmx2
ff_avg_qpel16_mc11_old_c
ff_avg_qpel16_mc12_old_c
ff_avg_qpel16_mc13_old_c
ff_avg_qpel16_mc31_old_c
ff_avg_qpel16_mc32_old_c
ff_avg_qpel16_mc33_old_c
ff_avg_qpel8_mc11_old_c
ff_avg_qpel8_mc12_old_c
ff_avg_qpel8_mc13_old_c
ff_avg_qpel8_mc31_old_c
ff_avg_qpel8_mc32_old_c
ff_avg_qpel8_mc33_old_c
ff_block_permute
ff_bone
ff_check_alignment
ff_clean_h263_qscales
ff_clean_intra_table_entries
ff_clean_mpeg4_qscales
ff_combine_frame
ff_convert_matrix
ff_copy_bits
ff_cropTbl
ff_dct_common_init
ff_draw_horiz_band
ff_emulated_edge_mc
ff_epzs_motion_search
ff_er_add_slice
ff_er_frame_end
ff_er_frame_start
ff_estimate_b_frame_motion
ff_estimate_p_frame_motion
ff_eval2
ff_eval_free
ff_faandct
ff_faandct248
ff_faanidct
ff_faanidct_add
ff_faanidct_put
ff_fdct248_islow
ff_fdct_mmx
ff_fdct_mmx2
ff_fdct_sse2
ff_fetch_timestamp
ff_fill_linesize
ff_fill_pointer
ff_find_start_code
ff_find_unused_picture
ff_fix_long_mvs
ff_fix_long_p_mvs
ff_float_to_int16_c
ff_float_to_int16_interleave_c
ff_flv_encode_picture_header
ff_frame_rate_tab
ff_get_2pass_fcode
ff_get_best_fcode
ff_get_mb_score
ff_get_plane_bytewidth
ff_gmc_c
ff_h263_chroma_qscale_table
ff_h263_decode_end
ff_h263_decode_frame
ff_h263_decode_init
ff_h263_decode_mb
ff_h263_decode_mba
ff_h263_encode_mba
ff_h263_encode_motion
ff_h263_find_frame_end
ff_h263_get_gob_height
ff_h263_loop_filter
ff_h263_loop_filter_strength
ff_h263_resync
ff_h263_update_motion_val
ff_idct_xvid_mmx
ff_idct_xvid_mmx2
ff_idct_xvid_sse2
ff_idct_xvid_sse2_add
ff_idct_xvid_sse2_put
ff_img_copy_plane
ff_init_block_index
ff_init_me
ff_init_scantable
ff_inverse
ff_jpeg_fdct_islow
ff_log2_run
ff_mba_length
ff_mba_max
ff_mpeg12_mbAddrIncrTable
ff_mpeg12_mbMotionVectorTable
ff_mpeg12_mbPatTable
ff_mpeg12_vlc_dc_chroma_bits
ff_mpeg12_vlc_dc_chroma_code
ff_mpeg12_vlc_dc_lum_bits
ff_mpeg12_vlc_dc_lum_code
ff_mpeg1_aspect
ff_mpeg1_dc_scale_table
ff_mpeg1_default_intra_matrix
ff_mpeg1_default_non_intra_matrix
ff_mpeg2_aspect
ff_mpeg4_c_dc_scale_table
ff_mpeg4_clean_buffers
ff_mpeg4_decode_mb
ff_mpeg4_decode_partitions
ff_mpeg4_decode_picture_header
ff_mpeg4_default_intra_matrix
ff_mpeg4_default_non_intra_matrix
ff_mpeg4_encode_video_packet_header
ff_mpeg4_get_video_packet_prefix_length
ff_mpeg4_init_direct_mv
ff_mpeg4_init_partitions
ff_mpeg4_merge_partitions
ff_mpeg4_resync_prefix
ff_mpeg4_set_direct_mv
ff_mpeg4_stuffing
ff_mpeg4_y_dc_scale_table
ff_mpeg4video_split
ff_mpeg_flush
ff_parse
ff_parse1_close
ff_parse_close
ff_parse_eval
ff_pb_1
ff_pb_3
ff_pb_3F
ff_pb_7
ff_pb_A1
ff_pb_FC
ff_pd_1
ff_pd_2
ff_pdw_80000000
ff_pre_estimate_p_frame_motion
ff_print_debug_info
ff_put_cavs_qpel16_mc00_mmx2
ff_put_cavs_qpel8_mc00_mmx2
ff_put_no_rnd_qpel16_mc11_old_c
ff_put_no_rnd_qpel16_mc12_old_c
ff_put_no_rnd_qpel16_mc13_old_c
ff_put_no_rnd_qpel16_mc31_old_c
ff_put_no_rnd_qpel16_mc32_old_c
ff_put_no_rnd_qpel16_mc33_old_c
ff_put_no_rnd_qpel8_mc11_old_c
ff_put_no_rnd_qpel8_mc12_old_c
ff_put_no_rnd_qpel8_mc13_old_c
ff_put_no_rnd_qpel8_mc31_old_c
ff_put_no_rnd_qpel8_mc32_old_c
ff_put_no_rnd_qpel8_mc33_old_c
ff_put_qpel16_mc11_old_c
ff_put_qpel16_mc12_old_c
ff_put_qpel16_mc13_old_c
ff_put_qpel16_mc31_old_c
ff_put_qpel16_mc32_old_c
ff_put_qpel16_mc33_old_c
ff_put_qpel8_mc11_old_c
ff_put_qpel8_mc12_old_c
ff_put_qpel8_mc13_old_c
ff_put_qpel8_mc31_old_c
ff_put_qpel8_mc32_old_c
ff_put_qpel8_mc33_old_c
ff_put_string
ff_put_vc1_mspel_mc00_mmx
ff_pw_128
ff_pw_15
ff_pw_16
ff_pw_20
ff_pw_255
ff_pw_28
ff_pw_3
ff_pw_32
ff_pw_4
ff_pw_42
ff_pw_5
ff_pw_64
ff_pw_8
ff_pw_96
ff_rate_control_init
ff_rate_control_uninit
ff_rate_estimate_qscale
ff_raw_pixelFormatTags
ff_reverse
ff_rl_mpeg1
ff_rl_mpeg2
ff_set_cmp
ff_set_mpeg4_time
ff_set_qscale
ff_shrink22
ff_shrink44
ff_shrink88
ff_simple_idct
ff_simple_idct248_put
ff_simple_idct44_add
ff_simple_idct48_add
ff_simple_idct84_add
ff_simple_idct_add
ff_simple_idct_add_mmx
ff_simple_idct_mmx
ff_simple_idct_put
ff_simple_idct_put_mmx
ff_squareTbl
ff_update_duplicate_context
ff_vbv_update
ff_vector_fmul_add_add_c
ff_vector_fmul_window_c
ff_wmv2_idct_c
ff_write_pass1_stats
ff_write_quant_matrix
ff_wtwo
ff_zigzag248_direct
ff_zigzag_direct
first_avcodec
first_bitstream_filter
flv_decoder
flv_encoder
flv_h263_decode_picture_header
free_vlc
h263_decode_init_vlc
h263_decode_picture_header
h263_decoder
h263_encode_gob_header
h263_encode_init
h263_encode_mb
h263_encode_picture_header
h263_encoder
h263_get_picture_format
h263_parser
h263_pred_motion
h263i_decoder
h263p_encoder
img_convert
img_get_alpha_info
img_resample
img_resample_close
img_resample_full_init
img_resample_init
init_rl
init_vlc_rl
init_vlc_sparse
intel_h263_decode_picture_header
inter_MCBPC_bits
inter_MCBPC_code
inter_level
inter_run
inter_vlc
intra_MCBPC_bits
intra_MCBPC_code
intra_level
intra_run
intra_vlc
inv_zigzag_direct16
j_rev_dct
j_rev_dct1
j_rev_dct2
j_rev_dct4
mm_flags
mm_support
mpeg4_decoder
mpeg4_encode_mb
mpeg4_encode_picture_header
mpeg4_encoder
mpeg4_pred_ac
msmpeg4v1_decoder
msmpeg4v1_encoder
msmpeg4v2_decoder
msmpeg4v2_encoder
msmpeg4v3_decoder
msmpeg4v3_encoder
mvtab
put_pixels_clamped_mmx
put_signed_pixels_clamped_mmx
register_avcodec
rv10_encoder
rv20_encoder
sws_freeContext
sws_getCachedContext
sws_getContext
sws_scale
wmv1_decoder
wmv1_encoder

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/4
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 788KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
avutil-49.dll
.dll windows:4 windows x86 arch:x86

944e5d86724991d4bf88388564691941

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetModuleHandleA
GetProcAddress
InitializeCriticalSection
InterlockedExchange
IsDBCSLeadByteEx
LeaveCriticalSection
MultiByteToWideChar
Sleep
WideCharToMultiByte

msvcrt

__dllonexit
__lc_codepage
__mb_cur_max
_errno
_iob
fflush
fputc
free
frexp
getenv
ldexp
localeconv
log
malloc
memcpy
memset
realloc
strchr
strlen
toupper
wcslen

Exports

Exports

_get_output_format
av_add_q
av_adler32_update
av_aes_crypt
av_aes_init
av_aes_size
av_base64_decode
av_base64_encode
av_crc
av_crc_get_table
av_crc_init
av_d2q
av_dbl2ext
av_dbl2int
av_div_q
av_evaluate_lls
av_ext2dbl
av_fifo_drain
av_fifo_free
av_fifo_generic_read
av_fifo_generic_write
av_fifo_init
av_fifo_read
av_fifo_realloc
av_fifo_realloc2
av_fifo_size
av_fifo_write
av_flt2int
av_free
av_freep
av_init_lls
av_init_random
av_int2dbl
av_int2flt
av_lfg_init
av_log
av_log_default_callback
av_log_get_level
av_log_level
av_log_set_callback
av_log_set_level
av_malloc
av_mallocz
av_md5_final
av_md5_init
av_md5_size
av_md5_sum
av_md5_update
av_memcpy_backptr
av_mul_q
av_random_generate_untempered_numbers
av_realloc
av_reduce
av_rescale
av_rescale_q
av_rescale_rnd
av_sha1_final
av_sha1_init
av_sha1_size
av_sha1_update
av_solve_lls
av_strdup
av_stristart
av_strlcat
av_strlcatf
av_strlcpy
av_strstart
av_sub_q
av_tree_destroy
av_tree_find
av_tree_insert
av_tree_node_size
av_update_lls
av_vlog
avutil_version
ff_des_encdec
ff_gcd
ff_log2_tab
ff_rc4_enc
ff_sqrt_tab
lzo1x_decode

Sections

.text
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/4
Size: 512B - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 11KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 988B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
i386/ZoiPRINTDRV.dll
.dll windows:6 windows x86 arch:x86

291e06750594e49cc88a08f540192448

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\prj\zoiprint\i386\ZOIPRINTDRV.pdb

Imports

msvcrt

_amsg_exit
_initterm
free
malloc
_XcptFilter
_adjust_fdiv
strncmp
vsprintf
sprintf
qsort
fprintf
bsearch
_lfind
floor
_CIpow
_CIexp
rand
_CIlog
_CIsqrt
_CIatan2
fclose
fwrite
fopen
memcpy
wcsstr
_vsnwprintf
_vsnprintf
memmove
memset
??2@YAPAXI@Z
??3@YAXPAX@Z

kernel32

FreeLibrary
CreateFileW
LocalAlloc
LocalFree
GlobalSize
GlobalFree
GlobalAlloc
LoadLibraryW
UnmapViewOfFile
CreateFileMappingA
MapViewOfFile
GetFileSize
SetFilePointer
WriteFile
ReadFile
FormatMessageW
GetLastError
CreateDirectoryW
GetLocalTime
SetLastError
CreateFileA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
RtlUnwind
InterlockedCompareExchange
Sleep
InterlockedExchange
GetVersion
InterlockedDecrement
GetSystemTimeAsFileTime
MoveFileW
GetCurrentThread
CloseHandle
WideCharToMultiByte
InterlockedIncrement

advapi32

AdjustTokenPrivileges
CreateProcessAsUserW
ImpersonateLoggedOnUser
DuplicateTokenEx
OpenThreadToken
LookupPrivilegeValueW

userenv

DestroyEnvironmentBlock
CreateEnvironmentBlock

shlwapi

AssocQueryStringByKeyW
AssocQueryKeyW

user32

GetDlgItem
SetFocus
SendMessageW
GetWindowLongW
SetWindowLongW
GetWindowTextW
GetFocus
MessageBoxA
DialogBoxParamW
EndDialog
MessageBoxW

shell32

SHGetFolderPathW

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 205KB - Virtual size: 205KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
i386/Zoipres.dll
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
i386/Zoiprint.gpd
i386/Zoiprint.ini
installer32.exe
.exe windows:5 windows x86 arch:x86

3a9a7cc1094232ac8695626fc609a3e5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
GetProcAddress
GetModuleHandleA
GetVersionExA
MultiByteToWideChar
GetLastError
LocalAlloc
LocalFree
LoadLibraryA
HeapSize
RtlUnwind
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
HeapFree
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
GetStartupInfoA
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
HeapAlloc
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
RaiseException
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW

user32

MessageBoxA

winspool.drv

EnumPortsA
AddPrinterDriverA
XcvDataW
OpenPrinterA
ClosePrinter
GetPrintProcessorDirectoryA
AddPrinterA
EnumPrintersA
GetPrinterDriverDirectoryA

shell32

SHGetFolderPathA

setupapi

SetupInitDefaultQueueCallback
SetupDefaultQueueCallbackA
SetupSetDirectoryIdA
SetupOpenInfFileA
SetupInstallFilesFromInfSectionA
SetupTermDefaultQueueCallback
SetupCloseFileQueue
SetupCloseInfFile
SetupOpenFileQueue
SetupCommitFileQueueA
SetupQueueCopyA
SetupFindFirstLineA

Sections

.text
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
installer64.exe
.exe windows:5 windows x64 arch:x64

1b9e127941a206dd4846b2ec06ca3e0c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetProcAddress
GetModuleHandleA
GetVersionExA
MultiByteToWideChar
GetLastError
LocalAlloc
LocalFree
HeapReAlloc
InitializeCriticalSectionAndSpinCount
LoadLibraryA
HeapSize
GetLocaleInfoA
EnterCriticalSection
LeaveCriticalSection
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
HeapFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetCommandLineA
GetStartupInfoA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
EncodePointer
DecodePointer
FlsGetValue
FlsSetValue
FlsFree
SetLastError
GetCurrentThreadId
FlsAlloc
HeapAlloc
HeapSetInformation
HeapCreate
RaiseException
RtlPcToFileHeader
GetModuleHandleW
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
RtlUnwindEx
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection

winspool.drv

EnumPrintersA
XcvDataW
EnumPortsA
AddPrinterDriverA
OpenPrinterA
ClosePrinter
GetPrintProcessorDirectoryA
AddPrinterA
GetPrinterDriverDirectoryA

shell32

SHGetFolderPathA

setupapi

SetupInitDefaultQueueCallback
SetupDefaultQueueCallbackA
SetupSetDirectoryIdA
SetupOpenInfFileA
SetupInstallFilesFromInfSectionA
SetupTermDefaultQueueCallback
SetupCloseFileQueue
SetupCloseInfFile
SetupOpenFileQueue
SetupCommitFileQueueA
SetupQueueCopyA
SetupFindFirstLineA

Sections

.text
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 946B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
uninstall.exe
.exe windows:5 windows x86 arch:x86

b729b61eb1515fcf7b3e511e4e66258b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileTime
CompareFileTime
SearchPathW
GetShortPathNameW
GetFullPathNameW
MoveFileW
SetCurrentDirectoryW
GetFileAttributesW
GetLastError
CreateDirectoryW
SetFileAttributesW
Sleep
GetTickCount
CreateFileW
GetFileSize
GetModuleFileNameW
GetCurrentProcess
CopyFileW
ExitProcess
GetWindowsDirectoryW
GetTempPathW
GetCommandLineW
SetErrorMode
CloseHandle
lstrlenW
lstrcpynW
GetDiskFreeSpaceW
GlobalUnlock
GlobalLock
CreateThread
LoadLibraryW
CreateProcessW
lstrcmpiA
GetTempFileNameW
lstrcatW
GetProcAddress
LoadLibraryA
GetModuleHandleA
OpenProcess
lstrcpyW
GetVersionExW
GetSystemDirectoryW
GetVersion
lstrcpyA
RemoveDirectoryW
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GlobalFree
GetModuleHandleW
LoadLibraryExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
WideCharToMultiByte
MulDiv
lstrlenA
WriteFile
ReadFile
MultiByteToWideChar
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
lstrcpynA

user32

ScreenToClient
GetMessagePos
CallWindowProcW
IsWindowVisible
LoadBitmapW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
GetWindowRect
AppendMenuW
CreatePopupMenu
GetSystemMetrics
EndDialog
EnableMenuItem
GetSystemMenu
SetClassLongW
IsWindowEnabled
SetWindowPos
DialogBoxParamW
CheckDlgButton
CreateWindowExW
SystemParametersInfoW
RegisterClassW
SetDlgItemTextW
GetDlgItemTextW
MessageBoxIndirectW
CharNextA
CharUpperW
CharPrevW
DispatchMessageW
PeekMessageW
wsprintfA
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
LoadCursorW
SetCursor
GetWindowLongW
GetSysColor
CharNextW
GetClassInfoW
ExitWindowsEx
FindWindowExW
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
GetClientRect
FillRect
DrawTextW
EndPaint
IsWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectW
SetBkMode
SetTextColor
SelectObject

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFileInfoW
ShellExecuteW
SHFileOperationW
SHGetSpecialFolderLocation

advapi32

RegEnumKeyW
RegOpenKeyExW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegEnumValueW

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 409KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 1.7MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/LangDLL.dll
.dll windows:5 windows x86 arch:x86

e981c0ab92cb1f191bb5e23392e14796

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalFree
lstrlenW
GlobalAlloc
lstrcmpW
GetModuleHandleW
MulDiv
lstrcpyW
lstrcpynW

user32

SetWindowTextW
SetDlgItemTextW
EndDialog
SendDlgItemMessageW
DialogBoxParamW
LoadIconW
SendMessageW
ShowWindow
GetDC

gdi32

CreateFontIndirectW
GetDeviceCaps
DeleteObject

Exports

Exports

LangDialog

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 729B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 350B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:5 windows x86 arch:x86

6c41c5e4d44f55745b925cc4e42b7fab

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyW
lstrcpynW
GetProcAddress
WideCharToMultiByte
lstrcatW
LoadLibraryW
GetModuleHandleW
MultiByteToWideChar
VirtualAlloc
VirtualProtect
lstrlenW
FreeLibrary

user32

wsprintfW

ole32

CLSIDFromString
StringFromGUID2

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 899B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 574B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/UserInfo.dll
.dll windows:5 windows x86 arch:x86

45d25ca52c312b2254c60dbcb30342d1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVersion
GetCurrentThread
GetCurrentProcess
GetModuleHandleW
GetProcAddress
GetLastError
GlobalFree
CloseHandle
lstrcpynW
GlobalAlloc

advapi32

OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
GetUserNameW
OpenThreadToken

Exports

Exports

GetAccountType
GetName
GetOriginalAccountType

Sections

.text
Size: 1024B - Virtual size: 696B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 753B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 240B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/modern-header.bmp
uninstaller32.exe
.exe windows:5 windows x86 arch:x86

562b6f5589fee31463cfd05390d86d0a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
GetProcAddress
GetModuleHandleA
GetVersionExA
MultiByteToWideChar
GetLastError
LoadLibraryA
HeapSize
RtlUnwind
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
HeapFree
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
GetStartupInfoA
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
HeapAlloc
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
RaiseException
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW

user32

MessageBoxA

winspool.drv

DeletePrinterDriverA
XcvDataW
OpenPrinterA
ClosePrinter
DeletePrinter
EnumPrintersA

Sections

.text
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
uninstaller64.exe
.exe windows:5 windows x64 arch:x64

2508828288d6d167a87248cedd34130a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetProcAddress
GetModuleHandleA
GetVersionExA
MultiByteToWideChar
GetLastError
HeapReAlloc
InitializeCriticalSectionAndSpinCount
LoadLibraryA
HeapSize
GetLocaleInfoA
EnterCriticalSection
LeaveCriticalSection
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
HeapFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetCommandLineA
GetStartupInfoA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
EncodePointer
DecodePointer
FlsGetValue
FlsSetValue
FlsFree
SetLastError
GetCurrentThreadId
FlsAlloc
HeapAlloc
HeapSetInformation
HeapCreate
RaiseException
RtlPcToFileHeader
GetModuleHandleW
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
RtlUnwindEx
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection

winspool.drv

EnumPrintersA
XcvDataW
DeletePrinterDriverA
OpenPrinterA
ClosePrinter
DeletePrinter

Sections

.text
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b729b61eb1515fcf7b3e511e4e66258b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 25KB - Virtual size: 24KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 409KB

.ndata Size: - Virtual size: 1.7MB

.rsrc Size: 20KB - Virtual size: 19KB

e981c0ab92cb1f191bb5e23392e14796

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 1024B - Virtual size: 729B

.data Size: - Virtual size: 6KB

.rsrc Size: 512B - Virtual size: 352B

.reloc Size: 512B - Virtual size: 350B

b1d9539c7cfd95718179dedb471b482f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ole32

Exports

Exports

Sections

.text Size: 3KB - Virtual size: 2KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: - Virtual size: 10KB

.rsrc Size: 512B - Virtual size: 296B

.reloc Size: 1024B - Virtual size: 572B

6c41c5e4d44f55745b925cc4e42b7fab

Headers

File Characteristics

Imports

kernel32

user32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 7KB

.rdata Size: 1024B - Virtual size: 899B

.data Size: 512B - Virtual size: 64B

.reloc Size: 1024B - Virtual size: 574B

45d25ca52c312b2254c60dbcb30342d1

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

Exports

.text
Size: 25KB - Virtual size: 24KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 409KB

.ndata
Size: - Virtual size: 1.7MB

.rsrc
Size: 20KB - Virtual size: 19KB

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 1024B - Virtual size: 729B

.data
Size: - Virtual size: 6KB

.rsrc
Size: 512B - Virtual size: 352B

.reloc
Size: 512B - Virtual size: 350B

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: - Virtual size: 10KB

.rsrc
Size: 512B - Virtual size: 296B

.reloc
Size: 1024B - Virtual size: 572B

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 1024B - Virtual size: 899B

.data
Size: 512B - Virtual size: 64B

.reloc
Size: 1024B - Virtual size: 574B

.text
Size: 1024B - Virtual size: 696B

.rdata
Size: 1024B - Virtual size: 753B

.data
Size: 512B - Virtual size: 48B

.reloc
Size: 512B - Virtual size: 240B

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: - Virtual size: 48B

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1024B - Virtual size: 590B

.text
Size: 65KB - Virtual size: 64KB

.itext
Size: 1024B - Virtual size: 704B

.data
Size: 3KB - Virtual size: 3KB

.bss
Size: - Virtual size: 18KB

.idata
Size: 3KB - Virtual size: 2KB

.edata
Size: 512B - Virtual size: 485B

.reloc
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 8KB - Virtual size: 8KB

.text
Size: 418KB - Virtual size: 418KB

.rdata
Size: 101KB - Virtual size: 100KB

.data
Size: 19KB - Virtual size: 35KB

.rsrc
Size: 25KB - Virtual size: 25KB

.reloc
Size: 51KB - Virtual size: 50KB