nine_sorairo[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

nine_sorairo.zip
Size

4.4MB
MD5

5459221a100f37d5a908c9c1ebcf04d2
SHA1

fa67a20ddfd02d6b99b88386f8b5ad0de90790e0
SHA256

a3a64cf849f1b9324263457e0f223b084dfe35ea9378ff376afb399b6425402a
SHA512

0d445bbbc6c21c2ef60b4b6a49ed1da7981239baca089fc0771e6ee0e61453d2d2f6ca972d96697f4764a8aceb72a30844bfc16da07a9cfd44ded800097a1004
SSDEEP

98304:33e8thzqudl3aGFS9q2f2HWchUWAM+G8Dnn/cVf:3/3aGwz2HliWu7n/cp

Score

3^/10

Malware Config

Signatures

Unsigned PE 27 IoCs

Checks for missing Authenticode signature.

resource
unpack001/nine_sorairo.exe
unpack001/plugin/AlphaMovie.dll
unpack001/plugin/KAGParserEx.dll
unpack001/plugin/PackinOne.dll
unpack001/plugin/SteamDrawDevice.dll
unpack001/plugin/extNagano.dll
unpack001/plugin/extrans.dll
unpack001/plugin/getLangName.dll
unpack001/plugin/getSample.dll
unpack001/plugin/k2compat.dll
unpack001/plugin/kagexopt.dll
unpack001/plugin/krkrsteam.dll
unpack001/plugin/krmovie.dll
unpack001/plugin/kztouch.dll
unpack001/plugin/layerExDraw.dll
unpack001/plugin/lzfs.dll
unpack001/plugin/menu.dll
unpack001/plugin/multiimage.dll
unpack001/plugin/pkutil.dll
unpack001/plugin/psbfile.dll
unpack001/plugin/psd.dll
unpack001/plugin/textrender.dll
unpack001/plugin/win32dialog.dll
unpack001/plugin/win32ole.dll
unpack001/plugin/windowEx.dll
unpack001/plugin/wuopus.dll
unpack001/plugin/wuvorbis.dll

Files

nine_sorairo.zip
.zip
nine_sorairo.exe
.exe windows:5 windows x86 arch:x86

9567e2dba4e003d705d55f3641eaa38e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

tvpwin32.pdb

Imports

kernel32

FindResourceW
LoadResource
IsBadReadPtr
GlobalAlloc
Sleep
SizeofResource
GetVersionExW
GlobalFree
LockResource
GlobalMemoryStatusEx
SetCurrentDirectoryW
HeapSetInformation
GetCurrentThreadId
GetSystemTime
CreateMutexW
HeapQueryInformation
GetProcessHeaps
HeapWalk
GetNativeSystemInfo
HeapAlloc
HeapFree
VirtualFree
SetLastError
VirtualAlloc
LoadLibraryA
VirtualProtect
GetConsoleMode
FreeConsole
WriteConsoleW
GetLocalTime
SetConsoleTitleW
OpenProcess
GetProcessAffinityMask
SetThreadAffinityMask
GlobalMemoryStatus
TerminateProcess
GetCurrentThread
SetThreadPriority
GlobalDeleteAtom
GlobalAddAtomW
MulDiv
OutputDebugStringW
FormatMessageW
LoadLibraryExW
SearchPathW
GetSystemDirectoryW
GetWindowsDirectoryW
WideCharToMultiByte
IsDBCSLeadByte
MultiByteToWideChar
GlobalLock
GlobalUnlock
InterlockedIncrement
InterlockedDecrement
WaitForSingleObject
InterlockedCompareExchange
SetEvent
ExitThread
CreateEventW
SetThreadIdealProcessor
VirtualQuery
GetThreadPriority
SuspendThread
ResumeThread
CreateThread
HeapDestroy
HeapCreate
LocalSize
GetTempFileNameW
SetEnvironmentVariableW
SetEnvironmentVariableA
GetExitCodeProcess
GetCurrentDirectoryW
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetModuleFileNameA
ReadConsoleW
SetFilePointerEx
GetConsoleCP
GetTimeZoneInformation
GetFileType
GetFileAttributesExW
GetOEMCP
GetACP
IsValidCodePage
HeapSize
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
GetCPInfo
RaiseException
RtlUnwind
GetCommandLineA
GetSystemTimeAsFileTime
AreFileApisANSI
GetModuleHandleExW
HeapReAlloc
IsProcessorFeaturePresent
IsDebuggerPresent
DecodePointer
EncodePointer
GetStringTypeW
ExitProcess
DeleteFileA
GetFullPathNameW
LocalFree
LocalLock
LocalUnlock
GetVolumeInformationW
GetCurrentProcessId
DeleteFileW
RemoveDirectoryW
GetTempPathW
GetFileAttributesW
CreateFileW
GetTickCount
CreateDirectoryW
SetEndOfFile
GetDriveTypeW
SetFilePointer
GetFileSize
CloseHandle
DuplicateHandle
CreatePipe
SetStdHandle
GetStdHandle
FlushFileBuffers
GetModuleFileNameW
ReadFile
WriteFile
GetCurrentProcess
CreateProcessW
FindNextFileW
FindClose
GetProcAddress
LoadLibraryW
FreeLibrary
FindFirstFileW
GetLastError
GetModuleHandleW
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
GetProcessHeap
GetSystemInfo
HeapCompact

user32

GetClipboardData
OpenClipboard
SetClipboardData
LoadStringW
ClientToScreen
SetWindowRgn
SetCapture
GetFocus
EnumDisplaySettingsExW
SetFocus
GetForegroundWindow
GetKeyboardLayout
SetCursorPos
MonitorFromWindow
DestroyCaret
IsClipboardFormatAvailable
SetCaretPos
GetPriorityClipboardFormat
CloseClipboard
KillTimer
SetTimer
ReleaseDC
GetDC
ChangeDisplaySettingsW
GetSysColor
MessageBoxW
PostQuitMessage
SetWindowPos
GetParent
GetWindowRect
DefWindowProcW
CreateWindowExW
SetWindowLongW
GetWindowLongW
RegisterClassExW
GetClassInfoExW
PostMessageW
DestroyWindow
GetWindowThreadProcessId
SystemParametersInfoW
EnumDisplaySettingsW
LoadCursorFromFileW
CreateCaret
GetMonitorInfoW
EndPaint
GetWindowTextLengthW
GetSystemMenu
ScreenToClient
SetActiveWindow
GetMessageExtraInfo
GetKeyState
TrackMouseEvent
IsWindowEnabled
SendMessageW
GetCursorPos
BeginPaint
SetPropW
GetCapture
GetMenu
LoadIconW
SetRect
InvalidateRect
GetWindowTextW
GetMenuItemCount
AdjustWindowRectEx
ReleaseCapture
IsWindowVisible
UpdateWindow
SetWindowTextW
SetCursor
LoadCursorW
WindowFromPoint
GetCursor
DialogBoxParamW
GetDlgItem
EndDialog
SetDlgItemTextW
EnableWindow
TranslateAcceleratorW
DestroyAcceleratorTable
IsIconic
CreateAcceleratorTableW
WaitMessage
TranslateMessage
LoadAcceleratorsW
PeekMessageW
ShowWindow
DispatchMessageW
GetAsyncKeyState
GetSystemMetrics
EnumWindows
GetClientRect

gdi32

SelectObject
CreateFontIndirectW
GetTextMetricsW
GetStockObject
EnumFontFamiliesExW
GetObjectW
CreateCompatibleDC
GetFontData
DeleteDC
EnumFontsW
CreateDIBitmap
GetPixel
CreateCompatibleBitmap
SetPixel
DeleteObject
CombineRgn
CreateRectRgn
ExtCreateRegion
GetTextExtentPoint32W
GetOutlineTextMetricsW
CreateDIBSection
GetDeviceCaps
GetGlyphOutlineW

comdlg32

GetSaveFileNameW
GetOpenFileNameW
CommDlgExtendedError

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCloseKey

shell32

SHGetPathFromIDListW
DragQueryFileW
DragFinish
SHBrowseForFolderW
DragAcceptFiles
ShellExecuteW
SHGetSpecialFolderPathW

ole32

CoTaskMemFree
CoCreateGuid
CoTaskMemAlloc
StringFromGUID2

winmm

timeEndPeriod
timeGetTime
timeGetDevCaps
timeBeginPeriod

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

mpr

WNetGetUniversalNameW

shlwapi

PathIsDirectoryW
PathFileExistsW

imm32

ImmGetContext
ImmGetOpenStatus
ImmIsIME
ImmSetCompositionFontW
ImmSetConversionStatus
ImmSetOpenStatus
ImmAssociateContext
ImmGetConversionStatus
ImmSetCompositionWindow
ImmReleaseContext

dbghelp

MiniDumpWriteDump

Sections

.text
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.adata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 946KB - Virtual size: 948KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 684KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 187KB - Virtual size: 187KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 300KB - Virtual size: 304KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
plugin/AlphaMovie.dll
.dll windows:6 windows x86 arch:x86

6d3c5bab6b0eb2ee1d145bff5df94081

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\Develop\krkrz\plugins\ambug\krkrz_dev\src\plugin\AlphaMovie.pdb

Imports

kernel32

InitializeCriticalSection
DeleteCriticalSection
CreateEventA
EnterCriticalSection
LeaveCriticalSection
SetEvent
WaitForSingleObject
CloseHandle
WaitForMultipleObjects
GetCurrentThreadId
ResetEvent
WaitForSingleObjectEx
CreateEventW
GetModuleHandleW
GetProcAddress
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeSListHead
EncodePointer
GetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
RaiseException
InterlockedFlushSList
SetLastError
RtlUnwind
CreateThread
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
ExitProcess
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
HeapFree
HeapAlloc
HeapReAlloc
HeapSize
GetACP
GetStdHandle
GetFileType
LCMapStringW
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
GetStringTypeW
SetStdHandle
WriteFile
GetConsoleCP
GetConsoleMode
SetFilePointerEx
FlushFileBuffers
DecodePointer
WriteConsoleW
CreateFileW

Exports

Exports

V2Link
V2Unlink

Sections

.text
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 292B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
plugin/KAGParserEx.dll
.dll windows:5 windows x86 arch:x86

858595856e27bce3ed91073dc390cbfb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCurrentThreadId
GetCommandLineA
RaiseException
RtlUnwind
HeapAlloc
GetLastError
HeapFree
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
Sleep
HeapSize
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW

Exports

Exports

V2Link
V2Unlink
_V2Link@4
_V2Unlink@0

Sections

.text
Size: 149KB - Virtual size: 149KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
plugin/PackinOne.dll
.dll windows:5 windows x86 arch:x86

98984250f0563ae65cf68502ef9a6598

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetFilePointerEx
MoveFileW
FindClose
FindNextFileW
FindFirstFileW
RemoveDirectoryW
CreateDirectoryW
SetCurrentDirectoryW
SetFileAttributesW
CopyFileW
SearchPathW
GetCurrentDirectoryW
GetEnvironmentVariableW
SetEnvironmentVariableW
ExpandEnvironmentStringsW
WaitForSingleObject
OpenMutexW
GetProcAddress
GetModuleHandleW
GlobalUnlock
GlobalLock
GlobalAlloc
MultiByteToWideChar
WriteFile
DuplicateHandle
SetEndOfFile
GetCurrentProcess
GetVersionExW
GetExitCodeProcess
TerminateProcess
FreeConsole
AttachConsole
GenerateConsoleCtrlEvent
GetProcessId
CreateProcessW
ReadFile
PeekNamedPipe
GetTickCount
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetConsoleMode
GetConsoleCP
DeleteFileW
SetFileTime
GetFileSizeEx
CloseHandle
GetFileTime
GetFileAttributesW
CreateFileW
GetLastError
FormatMessageW
CreatePipe
LocalFree
SetFilePointer
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeW
GetStringTypeA
InitializeCriticalSection
RtlUnwind
RaiseException
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapReAlloc
HeapAlloc
HeapFree
ExitThread
ResumeThread
CreateThread
GetCurrentThreadId
GetCommandLineA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetStdHandle
GetModuleFileNameA
GetModuleHandleA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapCreate
HeapDestroy
VirtualFree
VirtualAlloc
Sleep
ExitProcess
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
LoadLibraryA
GetLocaleInfoW
GetLocaleInfoA
InitializeCriticalSectionAndSpinCount
LCMapStringA
LCMapStringW

user32

RegisterClassExW
DestroyWindow
SetWindowPos
CreateWindowExW
SetWindowLongW
GetWindowLongW
DefWindowProcW
PostMessageW
UnregisterClassW
MessageBoxW
SendMessageW

gdi32

AddFontMemResourceEx
RemoveFontResourceExW
RemoveFontMemResourceEx
AddFontResourceExW

advapi32

SetSecurityDescriptorDacl
RegCreateKeyExW
RegSetValueExW
RegCloseKey
InitializeSecurityDescriptor

shell32

ShellExecuteExW
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetMalloc
SHGetDesktopFolder
SHGetFileInfoW

ole32

CreateStreamOnHGlobal

Exports

Exports

V2Link
V2Unlink
_V2Link@4
_V2Unlink@0

Sections

.text
Size: 409KB - Virtual size: 409KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
plugin/SteamDrawDevice.dll
.dll windows:5 windows x86 arch:x86

d54d91d4d289c3c6643f5858e13acdf2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

timeGetTime

kernel32

GetProcAddress
LoadLibraryW
WriteConsoleW
SetFilePointerEx
CloseHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetStringTypeW
HeapReAlloc
SetStdHandle
GetSystemTimeAsFileTime
EncodePointer
DecodePointer
RaiseException
RtlUnwind
GetCommandLineA
GetCurrentThreadId
GetStdHandle
WriteFile
GetModuleFileNameW
IsProcessorFeaturePresent
GetLastError
HeapAlloc
HeapFree
IsDebuggerPresent
SetLastError
InterlockedIncrement
InterlockedDecrement
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
GetProcessHeap
GetFileType
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameA
QueryPerformanceCounter
GetCurrentProcessId
CreateFileW
GetEnvironmentStringsW
FreeEnvironmentStringsW
WideCharToMultiByte
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
Sleep
HeapSize
OutputDebugStringW
LoadLibraryExW
LCMapStringW
EnterCriticalSection
LeaveCriticalSection
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo

user32

MonitorFromWindow
ChangeDisplaySettingsA
GetClientRect
ReleaseDC
GetDC
GetForegroundWindow
SetWindowPos

gdi32

GetDeviceCaps

Exports

Exports

V2Link
V2Unlink
_V2Link@4
_V2Unlink@0

Sections

.text
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
plugin/extNagano.dll
.dll windows:4 windows x86 arch:x86

a691dab9c0001fc0f7aa3f666bf983ba

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetTickCount
RtlUnwind
RaiseException
GetCurrentThreadId
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
UnhandledExceptionFilter
SetUnhandledExceptionFilter
WriteFile
GetStdHandle
GetModuleFileNameA
GetProcAddress
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetLastError
InterlockedDecrement
TerminateProcess
GetCurrentProcess
IsDebuggerPresent
ExitProcess
Sleep
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
LoadLibraryA
GetCPInfo
GetACP
GetOEMCP
MultiByteToWideChar
GetLocaleInfoA
VirtualAlloc
HeapReAlloc
HeapSize
SetFilePointer
GetConsoleCP
GetConsoleMode
InitializeCriticalSection
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
CloseHandle
FlushFileBuffers

Exports

Exports

V2Link
V2Unlink

Sections

.text
Size: 168KB - Virtual size: 165KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 940B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
plugin/extrans.dll
.dll windows:4 windows x86 arch:x86

4be14ca1a27413bdba5236c97f255b5e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

RtlUnwind
RaiseException
GetCommandLineA
GetVersion
HeapAlloc
HeapFree
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
GetProcAddress
GetModuleHandleA
SetUnhandledExceptionFilter
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
HeapReAlloc
IsBadWritePtr
IsBadReadPtr
IsBadCodePtr
InterlockedDecrement
InterlockedIncrement
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW

Exports

Exports

V2Link
V2Unlink

Sections

.text
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 136KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
plugin/getLangName.dll
.dll windows:5 windows x86 arch:x86

05a19f30d8718d0c0091c8c4c8c5c62b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLocaleInfoW
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
RtlUnwind
RaiseException
GetCurrentThreadId
GetCommandLineA
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetLastError
InterlockedDecrement
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
WriteFile
GetStdHandle
GetModuleFileNameA
HeapFree
HeapAlloc
Sleep
ExitProcess
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LoadLibraryA
GetLocaleInfoA
VirtualAlloc
HeapReAlloc
HeapSize
InitializeCriticalSectionAndSpinCount
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW

Exports

Exports

V2Link
V2Unlink
_V2Link@4
_V2Unlink@0

Sections

.text
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
plugin/getSample.dll
.dll windows:4 windows x86 arch:x86

a8d6acb68e9c4d6e644d007aa3fc20db

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\dwork\kirikiri\kirikiri2\kirikiri2\bin\win32\plugin\getSample.pdb

Imports

kernel32

GetLastError
HeapFree
HeapAlloc
GetCurrentThreadId
GetCommandLineA
GetVersionExA
GetProcessHeap
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
WriteFile
GetStdHandle
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
RaiseException
ExitProcess
Sleep
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeCriticalSection
RtlUnwind
LoadLibraryA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
MultiByteToWideChar
GetLocaleInfoA
HeapSize
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW

Exports

Exports

V2Link
V2Unlink
_V2Link@4
_V2Unlink@0

Sections

.text
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
plugin/k2compat.dll
.dll windows:5 windows x86 arch:x86

a9a3e4645161cff414f220878dd28f51

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LocalFree
FormatMessageW
GetLastError
GetModuleHandleA
GlobalAddAtomA
GlobalDeleteAtom
LCMapStringW
LCMapStringA
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
RtlUnwind
RaiseException
GetCurrentThreadId
GetCommandLineA
HeapFree
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
WriteFile
GetStdHandle
GetModuleFileNameA
HeapAlloc
Sleep
HeapSize
ExitProcess
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LoadLibraryA
GetLocaleInfoA
InitializeCriticalSectionAndSpinCount

user32

GetMessageExtraInfo
GetPropA
SetPropA
SetWindowLongA
GetWindowLongA
ShowWindow
DestroyWindow
GetClassInfoExW
DefWindowProcA
LoadIconA
RegisterClassExW
CreateWindowExW

Exports

Exports

V2Link
V2Unlink
_V2Link@4
_V2Unlink@0

Sections

.text
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
plugin/kagexopt.dll
.dll windows:5 windows x86 arch:x86

d0b0ab81bf0e4cd20070f6525db9fd67

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentThreadId
GetCommandLineA
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetLastError
InterlockedDecrement
HeapFree
Sleep
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
VirtualAlloc
HeapReAlloc
WriteFile
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
LoadLibraryA
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
HeapSize

Exports

Exports

GetOptionDesc
_GetOptionDesc@0

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
plugin/krkrsteam.dll
.dll windows:6 windows x86 arch:x86

55cd77a856643049250dbd5cf0687dd6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalSize
GlobalLock
GlobalUnlock
GlobalFree
OutputDebugStringA
CreateFileW
FlushFileBuffers
WriteConsoleW
SetStdHandle
GetStringTypeW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
HeapReAlloc
EncodePointer
DecodePointer
RaiseException
RtlUnwind
GetCommandLineA
GetCurrentThreadId
GetStdHandle
WriteFile
GetModuleFileNameW
IsProcessorFeaturePresent
GetLastError
HeapFree
IsDebuggerPresent
SetLastError
InterlockedIncrement
InterlockedDecrement
HeapAlloc
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
HeapSize
Sleep
GetProcessHeap
GetFileType
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
WideCharToMultiByte
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
OutputDebugStringW
LoadLibraryExW
LoadLibraryW
LCMapStringW
EnterCriticalSection
LeaveCriticalSection
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
CloseHandle

ole32

CreateStreamOnHGlobal

steam_api

SteamAPI_UnregisterCallback
SteamAPI_GetHSteamUser
SteamAPI_RunCallbacks
SteamAPI_Shutdown
SteamAPI_Init
SteamInternal_CreateInterface
SteamAPI_RegisterCallback
SteamAPI_GetHSteamPipe

Exports

Exports

V2Link
V2Unlink
_V2Link@4
_V2Unlink@0

Sections

.text
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
plugin/krmovie.dll
.dll windows:4 windows x86 arch:x86

ed87bfabb67123645f421cc154eac5b7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

quartz

AMGetErrorTextA

kernel32

GetEnvironmentStrings
CloseHandle
InitializeCriticalSection
GetLastError
CreateThread
EnterCriticalSection
WaitForMultipleObjects
LeaveCriticalSection
ResetEvent
WaitForSingleObject
SetEvent
DeleteCriticalSection
FreeLibrary
GetProcAddress
LoadLibraryA
GetCurrentThreadId
GetModuleHandleA
GetCurrentProcessId
GetACP
SetThreadPriority
CreateEventA
InterlockedExchange
CreateSemaphoreA
GetVersionExA
GetTickCount
GetCurrentThread
MultiByteToWideChar
GetThreadPriority
InterlockedDecrement
ReleaseSemaphore
GetCurrentProcess
DuplicateHandle
GetSystemInfo
VirtualAlloc
VirtualFree
lstrcmpW
InterlockedIncrement
Sleep
MulDiv
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
RtlUnwind
GetConsoleMode
GetConsoleCP
SetFilePointer
GetLocaleInfoA
IsValidCodePage
GetOEMCP
GetCPInfo
HeapReAlloc
HeapSize
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
GetSystemTimeAsFileTime
QueryPerformanceCounter
HeapCreate
HeapDestroy
GetEnvironmentStringsW
WideCharToMultiByte
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
HeapFree
HeapAlloc
GetProcessHeap
RaiseException
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
WriteFile
GetStdHandle
GetModuleFileNameA
ExitProcess
FreeEnvironmentStringsW

user32

MoveWindow
MonitorFromWindow
SendMessageA
DefWindowProcA
MessageBoxA
GetClientRect
ShowWindow
RegisterClassExA
EndPaint
UpdateWindow
DestroyWindow
CreateWindowExA
SetWindowLongA
GetWindowLongA
PeekMessageA
RegisterWindowMessageA
PostThreadMessageA
GetQueueStatus
MsgWaitForMultipleObjects
BeginPaint

ole32

CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CoUninitialize
CoInitializeEx
CoInitialize
GetRunningObjectTable
CreateItemMoniker
CoFreeUnusedLibraries

winmm

timeGetTime
timeEndPeriod
timeKillEvent
timeBeginPeriod
timeSetEvent

Exports

Exports

GetAPIVersion
GetMixingVideoOverlayObject
GetOptionDesc
GetVideoLayerObject
GetVideoOverlayObject
V2Link
V2Unlink

Sections

.text
Size: 180KB - Virtual size: 179KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
plugin/kztouch.dll
.dll windows:5 windows x86 arch:x86

f9c3b639f8694282308753641d890f9d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

timeGetTime

kernel32

GetModuleHandleA
LocalFree
FormatMessageW
GetLastError
GetModuleHandleW
GetProcAddress
InitializeCriticalSectionAndSpinCount
GetStringTypeW
GetStringTypeA
LCMapStringW
RtlUnwind
RaiseException
GetCurrentThreadId
GetCommandLineA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
WriteFile
GetStdHandle
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
HeapFree
TerminateProcess
GetCurrentProcess
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
Sleep
HeapSize
ExitProcess
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
LoadLibraryA
GetLocaleInfoA
VirtualAlloc
HeapReAlloc
LCMapStringA
MultiByteToWideChar

user32

GetWindowLongA
SetWindowLongA
CallWindowProcA
GetParent
SendMessageA
DefWindowProcA
GetMessageExtraInfo
ScreenToClient
EnumChildWindows
GetSystemMetrics
EnumDisplaySettingsExA
GetClassNameA

Exports

Exports

V2Link
V2Unlink
_V2Link@4
_V2Unlink@0

Sections

.text
Size: 82KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
plugin/layerExDraw.dll
.dll windows:5 windows x86 arch:x86

2198443966a7b01509973e8356cec60f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalFree
GlobalUnlock
GlobalAlloc
GlobalLock
GlobalSize
FlushFileBuffers
CloseHandle
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
LCMapStringW
LCMapStringA
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
GetLocaleInfoA
GetConsoleMode
GetConsoleCP
SetFilePointer
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
HeapSize
InterlockedDecrement
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleFileNameA
GetStdHandle
WriteFile
ExitProcess
GetProcAddress
Sleep
GetModuleHandleW
HeapReAlloc
VirtualAlloc
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
VirtualFree
HeapDestroy
HeapCreate
RtlUnwind
RaiseException
GetCommandLineA
GetCurrentThreadId
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
HeapAlloc
HeapFree
GetLastError
GetModuleHandleA

gdi32

GetGlyphOutlineW
CreateFontIndirectW
DeleteObject
SelectObject
CreateCompatibleDC
GetOutlineTextMetricsW

ole32

CreateStreamOnHGlobal

gdiplus

GdipEndContainer
GdipAddPathString
GdipSetPenEndCap
GdipAddPathPolygon
GdipResetWorldTransform
GdipSetPenDashCap197819
GdipDeletePath
GdipPrivateAddMemoryFont
GdipDeleteRegion
GdipCreateAdjustableArrowCap
GdipRotateMatrix
GdipCreateHatchBrush
GdipSetLineWrapMode
GdipBitmapGetPixel
GdipMeasureCharacterRanges
GdipGetImageEncoders
GdipDrawString
GdipCloneStringFormat
GdipNewPrivateFontCollection
GdipSetPenCustomEndCap
GdipSetCompositingMode
GdipSetLineGammaCorrection
GdipDeletePrivateFontCollection
GdipTransformMatrixPoints
GdipCreateRegion
GdipCreateFontFamilyFromName
GdipSaveImageToFile
GdipGetRegionScansCount
GdipGetImageBounds
GdipFillPath
GdipDeleteMatrix
GdipSetPenStartCap
GdipAddPathCurve
GdipAddPathCurve2
GdipSetLineLinearBlend
GdipCloneImage
GdipCloneFontFamily
GdipSetPenDashStyle
GdipBeginContainer2
GdipGetRegionScans
GdipCreatePath
GdipGetImageWidth
GdipAddPathClosedCurve
GdipAddPathRectangles
GdipSetPathGradientCenterPoint
GdipCreatePen1
GdipDeleteStringFormat
GdipSetPenLineJoin
GdipSetPenDashOffset
GdipMultiplyMatrix
GdipSetPathGradientLinearBlend
GdipSetLineBlend
GdipAddPathPie
GdipNewInstalledFontCollection
GdiplusStartup
GdipGetImageType
GdipGetImagePixelFormat
GdipIsMatrixInvertible
GdipGetMatrixElements
GdipShearMatrix
GdipIsMatrixIdentity
GdipCreateMatrix3
GdipImageRotateFlip
GdipInvertMatrix
GdipGetImageFlags
GdipAddPathPath
GdipStartPathFigure
GdipCreateFont
GdipSetPenWidth
GdipAddPathLine
GdipAddPathEllipse
GdipDisposeImage
GdipCreateMatrix2
GdipSetStringFormatMeasurableCharacterRanges
GdipSetMatrixElements
GdipGetImageEncodersSize
GdipAlloc
GdipTranslateMatrix
GdipSetAdjustableArrowCapMiddleInset
GdipLoadImageFromStreamICM
GdipCreateSolidFill
GdipSetPenMiterLimit
GdipDeleteFontFamily
GdipCreatePen2
GdipCreatePathGradient
GdipAddPathBezier
GdipSetPathGradientGammaCorrection
GdipSetLinePresetBlend
GdipGetImageVerticalResolution
GdipGetPathGradientPointCount
GdipCreateTexture
GdipSetPathGradientSigmaBlend
GdipClosePathFigure
GdipSetSmoothingMode
GdipGetRegionBounds
GdipCreateRegionRectI
GdipSetPenCustomStartCap
GdipGraphicsClear
GdipSetPathGradientFocusScales
GdipSetWorldTransform
GdipGetFontCollectionFamilyCount
GdipCreateLineBrush
GdipMultiplyWorldTransform
GdipGetImageGraphicsContext
GdipSetPenCompoundArray
GdipAddPathLine2
GdipSetPenDashArray
GdipAddPathRectangle
GdipDeleteGraphics
GdipCreateBitmapFromScan0
GdipGetPathWorldBounds
GdipAddPathBeziers
GdipDeleteFont
GdipDrawPath
GdipSetPenMode
GdipCreateMatrix
GdipSetTextRenderingHint
GdipIsMatrixEqual
GdipCreateLineBrushFromRect
GdipSetPathGradientSurroundColorsWithCount
GdipDrawImagePointsRect
GdipGetFamilyName
GdipClonePen
GdipCombineRegionRectI
GdipMeasureString
GdipPrivateAddFontFile
GdipAddPathArc
GdipStringFormatGetGenericDefault
GdipCreateTexture2
GdipSetPathGradientPresetBlend
GdipGetImageHeight
GdipScaleMatrix
GdipDeleteCustomLineCap
GdipRecordMetafileStream
GdipAddPathCurve3
GdipGetImageHorizontalResolution
GdipCloneBrush
GdipSetLineSigmaBlend
GdipAddPathClosedCurve2
GdipSetPathGradientBlend
GdipCreateLineBrushFromRectWithAngle
GdipSetPathGradientCenterColor
GdipDeletePen
GdipGetFontCollectionFamilyList
GdipSetClipRegion
GdipFree
GdipDeleteBrush
GdipLoadImageFromStream
GdiplusShutdown
GdipDrawImageRect

Exports

Exports

V2Link
V2Unlink
_V2Link@4
_V2Unlink@0

Sections

.text
Size: 284KB - Virtual size: 283KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
plugin/lzfs.dll
.dll windows:5 windows x86 arch:x86

5b0bd38a9e7b06804ae5050984a7f437

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalFree
GlobalAlloc
RtlUnwind
GetLastError
HeapFree
HeapAlloc
RaiseException
GetCurrentThreadId
GetCommandLineA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
WriteFile
GetStdHandle
GetModuleFileNameA
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
TerminateProcess
GetCurrentProcess
IsDebuggerPresent
HeapCreate
HeapDestroy
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
Sleep
ExitProcess
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LoadLibraryA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA
HeapSize
InitializeCriticalSectionAndSpinCount
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW

ole32

CreateStreamOnHGlobal

Exports

Exports

V2Link
V2Unlink
_V2Link@4
_V2Unlink@0

Sections

.text
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
plugin/menu.dll
.dll windows:5 windows x86 arch:x86

bb2a3306713ef85e1c85617277d673fd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleW
CloseHandle
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetStringTypeW
HeapReAlloc
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
RtlUnwind
EncodePointer
DecodePointer
GetLastError
HeapFree
GetCommandLineA
GetCurrentThreadId
IsDebuggerPresent
IsProcessorFeaturePresent
GetStdHandle
WriteFile
GetModuleFileNameW
InterlockedDecrement
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
HeapSize
Sleep
HeapAlloc
RaiseException
GetProcessHeap
SetLastError
InterlockedIncrement
GetFileType
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
WideCharToMultiByte
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
OutputDebugStringW
LoadLibraryExW
LoadLibraryW
LCMapStringW
EnterCriticalSection
LeaveCriticalSection
CreateFileW

user32

InsertMenuItemW
CreatePopupMenu
DrawMenuBar
GetMenuItemCount
RemoveMenu
SetMenuItemInfoW
ClientToScreen
CreateMenu
GetMenu
TrackPopupMenuEx
RedrawWindow
SetMenu
MapVirtualKeyW
LoadStringW
IsWindow
GetKeyNameTextW

Exports

Exports

V2Link
V2Unlink

Sections

.text
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
plugin/multiimage.dll
.dll windows:5 windows x86 arch:x86

ef9b1a3501ae646c8545abf6b8c56f1f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\dwork\m2\m2tools\plugins\multiimage\Release\multiimage.pdb

Imports

kernel32

SignalObjectAndWait
SetEvent
ExitThread
CreateEventW
SetThreadIdealProcessor
WaitForSingleObject
WaitForMultipleObjects
GetProcessAffinityMask
ResumeThread
CreateThread
GetSystemInfo
GetCurrentProcess
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCurrentThreadId
GetCommandLineA
RaiseException
RtlUnwind
HeapAlloc
GetLastError
HeapFree
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
Sleep
HeapSize
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
EnterCriticalSection
LeaveCriticalSection
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
VirtualAlloc
HeapReAlloc
GetModuleHandleA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetFilePointer
CloseHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
CreateFileA

gdi32

DeleteObject

Exports

Exports

V2Link
V2Unlink
_V2Link@4
_V2Unlink@0

Sections

.text
Size: 152KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
plugin/pkutil.dll
.dll windows:5 windows x86 arch:x86

367fc920d288e2f5367e1409c108c5f5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegCreateKeyExW
RegCloseKey
RegSetValueExW

kernel32

GetLastError
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
WriteFile
GetStdHandle
GetModuleFileNameA
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
HeapFree
Sleep
ExitProcess
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
WideCharToMultiByte
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapAlloc
HeapSize
RaiseException
LoadLibraryA
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA
RtlUnwind
VirtualAlloc
HeapReAlloc
InitializeCriticalSectionAndSpinCount
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
GetSystemDefaultLCID
GetUserDefaultLCID
QueryPerformanceCounter
InitializeCriticalSection
GetModuleHandleA

Exports

Exports

V2Link
V2Unlink
_V2Link@4
_V2Unlink@0

Sections

.text
Size: 271KB - Virtual size: 271KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
plugin/psbfile.dll
.dll windows:6 windows x86 arch:x86

61a335346428b547f6b95e158afb3425

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\dwork\m2\m2tools\plugins\psbfile\Release\psbfile.pdb

Imports

kernel32

GetFileSize
MapViewOfFile
UnmapViewOfFile
FormatMessageW
CreateFileW
GetLastError
CreateFileMappingW
CloseHandle
LocalFree
SetStdHandle
SetFilePointerEx
HeapFree
HeapAlloc
EncodePointer
DecodePointer
IsProcessorFeaturePresent
GetCommandLineA
GetCurrentThreadId
RaiseException
RtlUnwind
IsDebuggerPresent
GetProcessHeap
InterlockedDecrement
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
GetStdHandle
WriteFile
GetModuleFileNameW
HeapSize
Sleep
EnterCriticalSection
LeaveCriticalSection
SetLastError
InterlockedIncrement
GetFileType
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
WideCharToMultiByte
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
LoadLibraryExW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
OutputDebugStringW
LoadLibraryW
HeapReAlloc
LCMapStringW
GetStringTypeW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
WriteConsoleW

ole32

CoTaskMemAlloc

Exports

Exports

V2Link
V2Unlink
_V2Link@4
_V2Unlink@0

Sections

.text
Size: 119KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
plugin/psd.dll
.dll windows:5 windows x86 arch:x86

f654d00ade96130b01d691d789156fd7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\dwork\kirikiri\kirikiri2\kirikiri2\bin\win32\plugin\psd.pdb

Imports

kernel32

GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
ReadConsoleW
GetTimeZoneInformation
EncodePointer
DecodePointer
GetCommandLineA
GetCurrentThreadId
IsDebuggerPresent
IsProcessorFeaturePresent
GetLastError
HeapFree
HeapAlloc
GetStdHandle
WriteFile
GetModuleFileNameW
RaiseException
InterlockedDecrement
ExitProcess
GetModuleHandleExW
GetProcAddress
AreFileApisANSI
MultiByteToWideChar
HeapSize
Sleep
SetLastError
InterlockedIncrement
GetProcessHeap
GetFileType
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
WideCharToMultiByte
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
OutputDebugStringW
LoadLibraryExW
LoadLibraryW
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
HeapReAlloc
GetStringTypeW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetStdHandle
SetFilePointerEx
WriteConsoleW
CloseHandle
CreateFileW
CreateFileA
GetFileSize
SetEndOfFile
SetFilePointer
MapViewOfFileEx
UnmapViewOfFile
GetModuleHandleA
LocalFree
FormatMessageA
CreateFileMappingA
GetFileAttributesW
DeviceIoControl
ReadFile
SetEnvironmentVariableA

ole32

CreateStreamOnHGlobal

Exports

Exports

V2Link
V2Unlink
_V2Link@4
_V2Unlink@0

Sections

.text
Size: 474KB - Virtual size: 473KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 81KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
plugin/textrender.dll
.dll windows:5 windows x86 arch:x86

f863d60a78db5d09e87abf6bf8b8e079

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\dwork\kirikiri\krkrtemplate\plugins\textrender\Release\textrender.pdb

Imports

kernel32

TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCurrentThreadId
GetCommandLineA
RaiseException
RtlUnwind
HeapAlloc
GetLastError
HeapFree
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
WriteFile
GetStdHandle
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
Sleep
ExitProcess
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
LoadLibraryA
GetLocaleInfoA
HeapSize
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
InitializeCriticalSectionAndSpinCount
GetModuleHandleA

Exports

Exports

V2Link
V2Unlink
_V2Link@4
_V2Unlink@0

Sections

.text
Size: 157KB - Virtual size: 157KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
plugin/win32dialog.dll
.dll windows:5 windows x86 arch:x86

2a4f622f9ba493d8f92aa20f5c4fc725

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\_k2svn\kirikiri2\bin\win32\plugin\win32dialog.pdb

Imports

kernel32

CreateEventW
WaitForMultipleObjects
GetModuleHandleA
GetCurrentThreadId
OutputDebugStringA
CloseHandle
GetVersion
LocalFree
LCMapStringW
LCMapStringA
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
HeapSize
GetLocaleInfoA
InitializeCriticalSectionAndSpinCount
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
HeapReAlloc
LoadLibraryA
EnterCriticalSection
LeaveCriticalSection
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
VirtualFree
HeapDestroy
HeapCreate
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
DeleteCriticalSection
GetStartupInfoA
GetFileType
SetHandleCount
GetModuleFileNameA
GetStdHandle
WriteFile
ExitProcess
Sleep
InterlockedDecrement
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
HeapFree
HeapAlloc
ResetEvent
FreeLibrary
GetProcAddress
SetLastError
GetLastError
GetModuleFileNameW
GetFileAttributesW
FormatMessageW
LoadLibraryW
GetModuleHandleW
SetEvent
WaitForSingleObject
VirtualAlloc
ExitThread
CreateThread
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
RaiseException
RtlUnwind

user32

DestroyWindow
SetWindowPlacement
GetWindowTextLengthW
GetDlgItemInt
GetWindowRect
MapDialogRect
LoadImageW
PostMessageW
MsgWaitForMultipleObjects
IsZoomed
DialogBoxIndirectParamW
SetForegroundWindow
DialogBoxParamW
GetParent
IsWindowEnabled
SetParent
GetClientRect
SetFocus
CreateIconIndirect
GetDC
TranslateMessage
LockWindowUpdate
SetDlgItemInt
IsDialogMessageW
LoadIconW
GetWindowPlacement
CreateDialogIndirectParamW
GetScrollInfo
InvalidateRect
GetWindowLongW
GetWindowTextW
PeekMessageW
GetClassNameW
ReleaseDC
GetDlgItem
SetWindowLongW
EndDialog
SendDlgItemMessageW
SetWindowPos
ShowWindow
CreateDialogParamW
IsWindow
MessageBoxW
GetSystemMetrics
GetDlgItemTextW
SetDlgItemTextW
SendMessageW
MapWindowPoints
EnableWindow
GetDlgCtrlID
SetWindowTextW
DestroyIcon
SetScrollInfo
GetDialogBaseUnits
GetWindowThreadProcessId
MoveWindow
DispatchMessageW

gdi32

GetStockObject
BitBlt
SetTextColor
DeleteDC
CreateDIBSection
SetBkColor
CreateBitmap
SetBkMode
DeleteObject
SelectObject
CreateCompatibleDC
CreateSolidBrush

Exports

Exports

V2Link
V2Unlink
_V2Link@4
_V2Unlink@0

Sections

.text
Size: 182KB - Virtual size: 181KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 712B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
plugin/win32ole.dll
.dll windows:4 windows x86 arch:x86

b1f435305f70563adbd612126bf864d7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\dwork\kirikiri\kirikiri2\kirikiri2\bin\win32\plugin\win32ole.pdb

Imports

kernel32

InterlockedIncrement
GlobalUnlock
GetCurrentProcess
GetModuleHandleW
GlobalAlloc
LeaveCriticalSection
GetLastError
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetLocaleInfoA
RtlUnwind
LoadLibraryA
InterlockedExchange
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
LoadResource
GetConsoleCP
SetFilePointer
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
GetModuleFileNameA
GetStdHandle
WriteFile
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
ExitProcess
HeapSize
Sleep
TlsFree
MultiByteToWideChar
InterlockedDecrement
lstrcmpW
MulDiv
EnterCriticalSection
LoadLibraryExW
lstrcmpiW
GetModuleFileNameW
FreeLibrary
FindResourceW
GetCurrentThreadId
SizeofResource
RaiseException
InitializeCriticalSection
FlushInstructionCache
GlobalLock
lstrlenW
SetLastError
GetConsoleMode
DeleteCriticalSection
GetThreadLocale
IsProcessorFeaturePresent
InterlockedCompareExchange
TlsSetValue
FlushFileBuffers
CloseHandle
CreateFileA
TlsAlloc
TlsGetValue
GetProcAddress
GetModuleHandleA
GetProcessHeap
GetVersionExA
GetCommandLineA
HeapReAlloc
HeapAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapFree

user32

GetWindowTextLengthW
SetFocus
DefWindowProcW
GetDlgItem
CreateWindowExW
SendMessageW
InvalidateRgn
RegisterClassExW
GetClassNameW
SetWindowPos
ReleaseDC
ShowWindow
DestroyAcceleratorTable
GetWindowLongW
UnregisterClassA
GetFocus
LoadCursorW
RegisterWindowMessageW
GetWindow
ReleaseCapture
RedrawWindow
SetWindowTextW
EndPaint
IsWindow
GetDC
GetParent
BeginPaint
GetClientRect
SetWindowLongW
IsWindowVisible
DestroyWindow
InvalidateRect
FindWindowExW
GetDesktopWindow
ClientToScreen
IsChild
CreateAcceleratorTableW
ScreenToClient
GetSysColor
MoveWindow
CallWindowProcW
CharNextW
FillRect
GetWindowTextW
GetClassInfoExW
SetCapture

gdi32

GetObjectW
GetDeviceCaps
SelectObject
CreateCompatibleBitmap
DeleteDC
BitBlt
GetStockObject
DeleteObject
CreateSolidBrush
CreateCompatibleDC

advapi32

RegQueryInfoKeyW
RegDeleteKeyW
RegEnumKeyExW
RegCloseKey
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegDeleteValueW

ole32

OleLockRunning
CoTaskMemFree
CoGetClassObject
CLSIDFromProgID
StringFromGUID2
CoTaskMemAlloc
OleInitialize
CoTaskMemRealloc
CLSIDFromString
CoCreateInstance
OleUninitialize
CreateStreamOnHGlobal

oleaut32

LoadTypeLi
OleCreateFontIndirect
LoadRegTypeLi
SysStringByteLen
SysStringLen
VarUI4FromStr
SysAllocStringLen
SafeArrayAccessData
SafeArrayUnaccessData
VariantInit
SafeArrayCreate
SysAllocString
SysFreeString
SafeArrayDestroy
VariantClear

urlmon

CoInternetGetSession

Exports

Exports

V2Link
V2Unlink
_V2Link@4
_V2Unlink@0

Sections

.text
Size: 144KB - Virtual size: 142KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
plugin/windowEx.dll
.dll windows:5 windows x86 arch:x86

06676bf74b8d5c5059a59864fd3c806b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LCMapStringW
LCMapStringA
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
InitializeCriticalSectionAndSpinCount
HeapSize
RtlUnwind
HeapReAlloc
VirtualAlloc
GetLocaleInfoA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
EnterCriticalSection
LoadLibraryA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
VirtualFree
HeapDestroy
HeapCreate
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
DeleteCriticalSection
GetStartupInfoA
GetFileType
SetHandleCount
ExitProcess
Sleep
RaiseException
HeapAlloc
HeapFree
InterlockedDecrement
GetLastError
SetLastError
InterlockedIncrement
ExpandEnvironmentStringsW
GetCurrentThreadId
GetProcAddress
LoadLibraryW
GetModuleHandleW
FreeLibrary
LeaveCriticalSection
GetEnvironmentVariableW
TlsFree
TlsSetValue
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
WriteFile
GetStdHandle
GetModuleFileNameA
TlsGetValue
TlsAlloc

user32

EndPaint
ClientToScreen
DestroyWindow
SetWindowPlacement
EnumDisplayMonitors
GetSystemMenu
GetWindowRect
MonitorFromPoint
IsIconic
GetMenuItemID
PostMessageW
IsZoomed
DeleteMenu
LoadCursorW
SetParent
GetClientRect
GetMenuItemInfoW
BeginPaint
GetDoubleClickTime
InsertMenuItemW
GetDC
GetMenu
RegisterClassExW
LoadIconW
GetWindowPlacement
TrackPopupMenuEx
SetCursorPos
GetWindowLongW
GetWindowTextW
GetClassNameW
ReleaseDC
EnableMenuItem
MonitorFromWindow
SetWindowLongW
SetWindowPos
GetCursorPos
EnumChildWindows
ShowWindow
CreatePopupMenu
DrawMenuBar
GetMenuItemCount
IsWindow
CreateWindowExW
GetSystemMetrics
SendMessageW
UpdateWindow
DestroyMenu
DestroyIcon
SetMenuItemInfoW
GetMonitorInfoW
CallWindowProcW
DefWindowProcW
MonitorFromRect
EnumThreadWindows
InvalidateRect

gdi32

DeleteDC
CreateDIBSection
DeleteObject
SelectObject
CreateCompatibleDC
GetStockObject
BitBlt

shell32

DuplicateIcon
ExtractIconW

Exports

Exports

V2Link
V2Unlink
_V2Link@4
_V2Unlink@0

Sections

.text
Size: 141KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
plugin/wuopus.dll
.dll windows:5 windows x86 arch:x86

95d09f69c8184697202de2241da7728a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

EncodePointer
DecodePointer
GetCommandLineA
GetCurrentThreadId
GetLastError
HeapFree
HeapAlloc
HeapReAlloc
IsDebuggerPresent
IsProcessorFeaturePresent
GetStdHandle
WriteFile
GetModuleFileNameW
RaiseException
SetLastError
InterlockedIncrement
InterlockedDecrement
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
GetProcessHeap
GetFileType
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
WideCharToMultiByte
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
Sleep
SetStdHandle
EnterCriticalSection
LeaveCriticalSection
SetFilePointerEx
RtlUnwind
GetConsoleMode
CloseHandle
OutputDebugStringW
LoadLibraryExW
LoadLibraryW
LCMapStringW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
CreateFileW
FlushFileBuffers
GetConsoleCP
GetStringTypeW
HeapSize
WriteConsoleW

Exports

Exports

GetModuleInstance
V2Link
V2Unlink
opus_decode
opus_decode_float
opus_decoder_create
opus_decoder_ctl
opus_decoder_destroy
opus_decoder_get_nb_samples
opus_decoder_get_size
opus_decoder_init
opus_get_version_string
opus_multistream_decode
opus_multistream_decode_float
opus_multistream_decoder_create
opus_multistream_decoder_ctl
opus_multistream_decoder_destroy
opus_multistream_decoder_get_size
opus_multistream_decoder_init
opus_packet_get_bandwidth
opus_packet_get_nb_channels
opus_packet_get_nb_frames
opus_packet_get_nb_samples
opus_packet_get_samples_per_frame
opus_packet_parse
opus_pcm_soft_clip
opus_strerror

Sections

.text
Size: 169KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
plugin/wuvorbis.dll
.dll windows:6 windows x86 arch:x86

abdeae6bd7b531d3a338a2cfaeba0571

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\dwork\kirikiri\krkrtemplate\plugins\wuvorbis\bin\wuvorbis.pdb

Imports

kernel32

GetACP
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
EncodePointer
RaiseException
RtlUnwind
GetLastError
GetModuleFileNameW
InterlockedPushEntrySList
InterlockedFlushSList
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
ExitProcess
GetModuleHandleExW
ReadFile
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
HeapFree
HeapAlloc
DecodePointer
InterlockedDecrement
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetCurrentThread
CloseHandle
GetConsoleMode
ReadConsoleW
SetFilePointerEx
GetStdHandle
GetFileType
GetStringTypeW
FindClose
FindFirstFileExA
FindFirstFileExW
FindNextFileA
FindNextFileW
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetEnvironmentVariableW
GetProcessHeap
SetConsoleCtrlHandler
SetStdHandle
FlushFileBuffers
WriteFile
GetConsoleCP
HeapSize
HeapReAlloc
WriteConsoleW
OutputDebugStringA
OutputDebugStringW
WaitForSingleObjectEx
CreateThread
CreateFileW
GetDateFormatW
InterlockedIncrement

advapi32

SystemFunction036

Exports

Exports

GetModuleInstance
GetOptionDesc
Query_sizeof_OggVorbis_File
V2Link
V2Unlink
wu_DetectCPU
wu_ScaleOutput
wu_SetCPUType
wu_ov_bitrate
wu_ov_bitrate_instant
wu_ov_clear
wu_ov_comment
wu_ov_crosslap
wu_ov_halfrate
wu_ov_halfrate_p
wu_ov_info
wu_ov_open_callbacks
wu_ov_pcm_seek
wu_ov_pcm_seek_lap
wu_ov_pcm_seek_page
wu_ov_pcm_seek_page_lap
wu_ov_pcm_tell
wu_ov_pcm_total
wu_ov_raw_seek
wu_ov_raw_seek_lap
wu_ov_raw_tell
wu_ov_raw_total
wu_ov_read
wu_ov_read_float
wu_ov_seekable
wu_ov_serialnumber
wu_ov_streams
wu_ov_test_callbacks
wu_ov_test_open
wu_ov_time_seek
wu_ov_time_seek_lap
wu_ov_time_seek_page
wu_ov_time_seek_page_lap
wu_ov_time_tell
wu_ov_time_total

Sections

.text
Size: 376KB - Virtual size: 376KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 39KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 440B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9567e2dba4e003d705d55f3641eaa38e

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

winmm

version

mpr

shlwapi

imm32

dbghelp

Sections

.text Size: 2.7MB - Virtual size: 2.7MB

.adata Size: 1KB - Virtual size: 4KB

.rdata Size: 946KB - Virtual size: 948KB

.data Size: 40KB - Virtual size: 684KB

.rsrc Size: 187KB - Virtual size: 187KB

.reloc Size: 300KB - Virtual size: 304KB

6d3c5bab6b0eb2ee1d145bff5df94081

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

Exports

Exports

Sections

.text Size: 112KB - Virtual size: 112KB

.rdata Size: 43KB - Virtual size: 42KB

.data Size: 4KB - Virtual size: 7KB

.gfids Size: 512B - Virtual size: 292B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 7KB - Virtual size: 7KB

858595856e27bce3ed91073dc390cbfb

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 149KB - Virtual size: 149KB

.rdata Size: 20KB - Virtual size: 20KB

.data Size: 7KB - Virtual size: 13KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 17KB - Virtual size: 16KB

98984250f0563ae65cf68502ef9a6598

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

Exports

Exports

Sections

.text Size: 409KB - Virtual size: 409KB

.rdata Size: 101KB - Virtual size: 101KB

.data Size: 30KB - Virtual size: 41KB

.reloc Size: 45KB - Virtual size: 44KB

.text
Size: 2.7MB - Virtual size: 2.7MB

.adata
Size: 1KB - Virtual size: 4KB

.rdata
Size: 946KB - Virtual size: 948KB

.data
Size: 40KB - Virtual size: 684KB

.rsrc
Size: 187KB - Virtual size: 187KB

.reloc
Size: 300KB - Virtual size: 304KB

.text
Size: 112KB - Virtual size: 112KB

.rdata
Size: 43KB - Virtual size: 42KB

.data
Size: 4KB - Virtual size: 7KB

.gfids
Size: 512B - Virtual size: 292B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 7KB - Virtual size: 7KB

.text
Size: 149KB - Virtual size: 149KB

.rdata
Size: 20KB - Virtual size: 20KB

.data
Size: 7KB - Virtual size: 13KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 17KB - Virtual size: 16KB

.text
Size: 409KB - Virtual size: 409KB

.rdata
Size: 101KB - Virtual size: 101KB

.data
Size: 30KB - Virtual size: 41KB

.reloc
Size: 45KB - Virtual size: 44KB

.text
Size: 84KB - Virtual size: 83KB

.rdata
Size: 39KB - Virtual size: 38KB

.data
Size: 9KB - Virtual size: 19KB

.reloc
Size: 13KB - Virtual size: 12KB

.text
Size: 168KB - Virtual size: 165KB

.rdata
Size: 40KB - Virtual size: 36KB

.data
Size: 8KB - Virtual size: 17KB

.rsrc
Size: 4KB - Virtual size: 940B

.reloc
Size: 12KB - Virtual size: 9KB

.text
Size: 64KB - Virtual size: 60KB

.rdata
Size: 136KB - Virtual size: 132KB

.data
Size: 16KB - Virtual size: 18KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 6KB

.text
Size: 35KB - Virtual size: 35KB

.rdata
Size: 11KB - Virtual size: 10KB

.data
Size: 4KB - Virtual size: 9KB

.reloc
Size: 6KB - Virtual size: 5KB

.text
Size: 56KB - Virtual size: 55KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 8KB - Virtual size: 9KB

.rsrc
Size: 4KB - Virtual size: 176B

.reloc
Size: 8KB - Virtual size: 7KB