Update[.]rar | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Update.rar
Size

49.5MB
MD5

d146346c6b36e6451aba979bd9666a16
SHA1

c6f72ce3b928d2af65555506c6364de018243a23
SHA256

0c5b76338793c589eb8d1fbd68a770ae2bd79c8921f60aabfe7540f099be27f8
SHA512

3bc5daa32f3d9c71d477c9b165ce74e183c1ae58f1bf9f6002798f7457cb9f5806496b4e158bbf0e0301ff84bb1eb5e6ab636266f3b3bc2363987f7f79f50c73
SSDEEP

786432:+dZ1g21oMbNJ6nK2W3cwlrfYh9eO9/Xg5z7HL1keyKexMMuf8boByyGktxbRZ8X1:+Rj2W3hlrfY/dyhB43uflB3Gkz0NA+

Score

3^/10

Malware Config

Signatures

Unsigned PE 7 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Update_30_09/Debug/Portal.dll
unpack001/Update_30_09/Debug/Res.dll
unpack001/Update_30_09/Launch.exe
unpack001/Update_30_09/Packaged/Res_x64.dll
unpack001/Update_30_09/accessibilitycpl.dll
unpack001/Update_30_09/oleprn.dll
unpack001/Update_30_09/wwancfg.dll

Files

Update.rar
.rar

Password: github
Update_30_09/Debug/Addition.dll
Update_30_09/Debug/Autoupdater.ini
Update_30_09/Debug/DebugPPF.tmp
Update_30_09/Debug/DebugPPT.tmp
Update_30_09/Debug/Helper.dll
Update_30_09/Debug/Management.log
Update_30_09/Debug/Portal.dll
.dll windows:6 windows x64 arch:x64

Password: github

9b0781a524349d13dab24794562a9f4f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

WaitForSingleObject
CreateMutexW
CreateEventW
Sleep
GetCurrentProcess
ExitProcess
TerminateProcess
SetThreadPriority
TerminateThread
SetPriorityClass
GlobalMemoryStatusEx
GetSystemDirectoryW
GetLogicalProcessorInformation
GetNativeSystemInfo
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
FreeLibrary
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetModuleHandleExW
GetProcAddress
LoadLibraryW
SetThreadAffinityMask
FormatMessageW
CopyFileW
MoveFileW
ReplaceFileW
GetLocaleInfoW
GetCommandLineW
LocalFree
GetCurrentProcessId
LoadLibraryA
GlobalAlloc
GlobalSize
GlobalUnlock
GlobalLock
GlobalFree
CompareStringOrdinal
GetTickCount
FormatMessageA
GetSystemTime
GetSystemTimeAsFileTime
WideCharToMultiByte
SystemTimeToFileTime
GetProcessHeap
GetFileSize
LockFileEx
UnlockFile
HeapDestroy
HeapCompact
HeapAlloc
GetSystemInfo
HeapReAlloc
DeleteFileA
WaitForSingleObjectEx
CreateFileA
FlushViewOfFile
GetFileAttributesA
GetDiskFreeSpaceA
GetTempPathA
MultiByteToWideChar
HeapSize
HeapValidate
UnlockFileEx
GetFullPathNameA
LockFile
OutputDebugStringA
GetDiskFreeSpaceW
GetFullPathNameW
HeapFree
HeapCreate
AreFileApisANSI
GetVolumeNameForVolumeMountPointA
GetVolumePathNameA
GetTimeZoneInformation
SetStdHandle
DeleteCriticalSection
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetFilePointerEx
GetFileSizeEx
ReadConsoleW
GetConsoleMode
GetConsoleCP
GetOEMCP
GetACP
IsValidCodePage
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetFileType
GetStdHandle
FreeLibraryAndExitThread
ExitThread
CreateThread
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
RtlUnwind
SetLastError
InterlockedFlushSList
RtlUnwindEx
RaiseException
RtlPcToFileHeader
GetCPInfo
GetStringTypeW
LCMapStringEx
DecodePointer
EncodePointer
SleepConditionVariableSRW
SleepConditionVariableCS
WakeAllConditionVariable
WakeConditionVariable
InitializeConditionVariable
InitializeCriticalSectionEx
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitializeSRWLock
InitializeSListHead
GetStartupInfoW
IsProcessorFeaturePresent
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
ResetEvent
InitializeCriticalSectionAndSpinCount
SetEvent
TryEnterCriticalSection
LeaveCriticalSection
EnterCriticalSection
FindFirstFileW
InitializeCriticalSection
FindClose
DeleteFileW
CreateFileW
CreateDirectoryW
GetCurrentDirectoryW
GetThreadPriority
GetCurrentThreadId
WriteConsoleW
QueryPerformanceFrequency
QueryPerformanceCounter
GetLastError
SetUnhandledExceptionFilter
CloseHandle
OutputDebugStringW
IsDebuggerPresent
GetTempPathW
WriteFile
SetFileTime
SetFilePointer
SetFileAttributesW
SetEndOfFile
RemoveDirectoryW
ReadFile
GetVolumeInformationW
GetLogicalDriveStringsW
GetFileInformationByHandle
GetFileAttributesExW
GetFileAttributesW
GetDriveTypeW
GetDiskFreeSpaceExW
FlushFileBuffers
FindFirstFileExW
FindNextFileW
GetCurrentThread

user32

TranslateMessage
GetMessageW
GetWindowThreadProcessId
AttachThreadInput
GetAncestor
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetClassNameA
GetWindowRect
GetWindowInfo
EnumDisplayMonitors
GetMonitorInfoW
MonitorFromWindow
SystemParametersInfoW
GetIconInfo
DispatchMessageW
GetSystemMetrics
PostMessageW
DefWindowProcW
UnregisterClassW
RegisterClassExW
CreateWindowExW
DestroyWindow
SetFocus
GetFocus
GetWindowLongPtrW
SetWindowLongPtrW
EnumWindows
GetDC
ReleaseDC
TrackMouseEvent
GetMessagePos
GetMessageTime
GetMessageExtraInfo
SendMessageW
IsWindow
IsChild
ShowWindow
UpdateLayeredWindow
SetLayeredWindowAttributes
GetWindowPlacement
IsWindowVisible
BringWindowToTop
EndDialog
OpenClipboard
CloseClipboard
SetClipboardData
GetClipboardData
EmptyClipboard
GetActiveWindow
GetAsyncKeyState
GetKeyboardState
ToUnicode
MapVirtualKeyW
GetCapture
SetCapture
ReleaseCapture
GetSystemMenu
EnableMenuItem
GetForegroundWindow
BeginPaint
SetWindowPos
PostMessageA
PeekMessageW
EndPaint
GetCursorPos
GetUpdateRgn
InvalidateRect
RedrawWindow
SetWindowTextW
GetClientRect
MessageBoxW
MessageBeep
SetCursorPos
CreateIconIndirect
DrawIconEx
DestroyIcon
LoadIconW
DestroyCursor
LoadCursorW
SetWindowsHookExW
FindWindowExW
FindWindowW
EnumChildWindows
GetParent
GetDesktopWindow
SetWindowLongW
GetWindowLongW
WindowFromPoint
MapWindowPoints
SetCaretPos
ShowCaret
DestroyCaret
CreateCaret
SetCursor

gdi32

GetObjectW
CreateDIBSection
StretchDIBits
SaveDC
RestoreDC
GetRegionData
ExcludeClipRect
CreateRectRgnIndirect
CreateRectRgn
CreateBitmap
CombineRgn
GetKerningPairsW
GetTextMetricsW
SetMapMode
SetMapperFlags
SelectObject
RemoveFontMemResourceEx
AddFontMemResourceEx
GetGlyphIndicesW
GetOutlineTextMetricsW
GetGlyphOutlineW
GetDeviceCaps
DeleteObject
DeleteDC
CreateFontIndirectW
CreateCompatibleDC

shell32

SHGetSpecialFolderPathA
SHBrowseForFolderW
SHGetKnownFolderPath
SHCreateShellItem
SHGetPathFromIDListW
ShellExecuteW
SHFileOperationW
SHGetSpecialFolderPathW
SHGetMalloc
ExtractAssociatedIconW
DragQueryFileW
SHParseDisplayName

ole32

DoDragDrop
RevokeDragDrop
CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc
CoInitializeEx
CoUninitialize
OleUninitialize
OleInitialize
RegisterDragDrop

oleaut32

SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreateVector
SafeArrayDestroy
SysAllocString
SafeArrayPutElement

comdlg32

GetOpenFileNameW
GetSaveFileNameW

wininet

InternetOpenW
InternetSetFilePointer
InternetCloseHandle
InternetCrackUrlW
InternetReadFile
InternetConnectW
InternetWriteFile
InternetSetOptionW
FtpOpenFileW
HttpOpenRequestW
HttpSendRequestExW
HttpEndRequestW
HttpQueryInfoW

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

shlwapi

PathStripToRootW
ord172

winmm

timeBeginPeriod
timeGetTime

imm32

ImmGetContext
ImmGetCompositionStringW
ImmNotifyIME
ImmSetCandidateWindow
ImmReleaseContext

Exports

Exports

VSTPluginMain

Sections

.text
Size: 4.3MB - Virtual size: 4.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 37.7MB - Virtual size: 37.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 117KB - Virtual size: 218KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 171KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 736B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Update_30_09/Debug/Res.dll
.dll windows:6 windows x86 arch:x86

Password: github

694bbdd01d5262771f27e7c775c63322

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFileAttributesW
GetSystemDirectoryW
UnmapViewOfFile
SetFileAttributesW
CreateEventW
GetFileInformationByHandle
FormatMessageW
GetLastError
GetFileAttributesExW
OutputDebugStringW
SetEvent
GetCurrentThread
TerminateThread
QueryPerformanceFrequency
DeleteFileW
CloseHandle
LoadLibraryW
GetCurrentDirectoryW
ReplaceFileW
DeleteCriticalSection
FreeLibrary
CopyFileW
CreateFileMappingW
MapViewOfFile
MoveFileW
GetDriveTypeW
FlushFileBuffers
SizeofResource
FindResourceA
GetVersionExW
GlobalSize
LoadLibraryA
LockResource
GlobalAlloc
GlobalFree
LoadResource
GlobalLock
WideCharToMultiByte
GetTickCount
GlobalUnlock
AreFileApisANSI
HeapCreate
HeapFree
GetFullPathNameW
GetDiskFreeSpaceW
OutputDebugStringA
LockFile
GetFullPathNameA
UnlockFileEx
HeapValidate
HeapSize
GetTempPathA
GetDiskFreeSpaceA
GetFileAttributesA
CreateFileA
WaitForSingleObjectEx
GetVersionExA
DeleteFileA
HeapReAlloc
GetSystemInfo
HeapAlloc
HeapCompact
HeapDestroy
UnlockFile
CreateFileMappingA
LocalFree
LockFileEx
GetFileSize
GetProcessHeap
SystemTimeToFileTime
WaitForSingleObject
CompareStringEx
GetLocaleInfoEx
LCMapStringEx
SleepConditionVariableSRW
SleepConditionVariableCS
WakeAllConditionVariable
WakeConditionVariable
InitializeConditionVariable
InitializeCriticalSectionEx
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitializeSRWLock
WriteConsoleW
MoveFileExW
SetStdHandle
GetStringTypeW
DecodePointer
GetFileSizeEx
GetStdHandle
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
GetConsoleOutputCP
SetFilePointerEx
ReadConsoleW
GetConsoleMode
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetFileType
GetTimeZoneInformation
FreeLibraryAndExitThread
ExitThread
CreateThread
RaiseException
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
EncodePointer
SetLastError
RtlUnwind
InterlockedFlushSList
CreateFileW
GetLocaleInfoW
CreateMutexW
GetTempPathW
PeekNamedPipe
FormatMessageA
SetFilePointer
InitializeCriticalSection
LeaveCriticalSection
SetThreadPriority
GetModuleFileNameW
RemoveDirectoryW
SetEndOfFile
GetModuleHandleExW
WriteFile
FindNextFileW
EnterCriticalSection
FindFirstFileW
TryEnterCriticalSection
ReadFile
SetThreadAffinityMask
CreateDirectoryW
ExitProcess
GetSystemTime
GetProcAddress
Sleep
MultiByteToWideChar
GetModuleHandleA
GetVolumeInformationA
FindClose
lstrlenA
FindNextFileA
FindFirstFileA
GetModuleHandleW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
UnhandledExceptionFilter
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
GetCommandLineW
ResetEvent

gdiplus

GdipDrawPolygon
GdipCreatePen1
GdipSetClipRect
GdipGetLineSpacing
GdipCreateBitmapFromResource
GdipCreateFontFamilyFromName
GdipGetEmHeight
GdipAddPathString
GdipGetFamily
GdipSetImageAttributesColorMatrix
GdipGetImageHeight
GdipDeleteFontFamily
GdipSetPathFillMode
GdipCreateBitmapFromScan0
GdipDeletePen
GdipDrawImageRectRectI
GdipDeleteMatrix
GdipSetPathGradientSurroundColorsWithCount
GdipTranslateWorldTransform
GdiplusStartup
GdiplusShutdown
GdipAddPathLine
GdipSetPathGradientCenterPoint
GdipSetPenColor
GdipCloneImage
GdipBitmapUnlockBits
GdipTransformPath
GdipDeleteBrush
GdipIsVisiblePathPoint
GdipAlloc
GdipGetPathLastPoint
GdipCreateMatrix2
GdipAddPathBezier
GdipDisposeImageAttributes
GdipDeletePath
GdipSetPathGradientCenterColor
GdipCreatePathGradientFromPath
GdipCreateBitmapFromStreamICM
GdipCreateMatrix
GdipDisposeImage
GdipSetMatrixElements
GdipSetSmoothingMode
GdipSetWorldTransform
GdipGetWorldTransform
GdipCreateLineBrush
GdipCreatePath
GdipFillPolygon
GdipCreateFont
GdipSetLinePresetBlend
GdipSetInterpolationMode
GdipGetDpiY
GdipGetCellDescent
GdipSetPenLineCap197819
GdipCreateSolidFill
GdipGetFontStyle
GdipFillPath
GdipGetPathWorldBounds
GdipSetPenDashArray
GdipSetPenDashStyle
GdipSetPenWidth
GdipCreateFromHWND
GdipDrawLine
GdipDrawRectangle
GdipCreateHBITMAPFromBitmap
GdipSetPixelOffsetMode
GdipFillRectangle
GdipAddPathEllipse
GdipSetPageUnit
GdipSetSolidFillColor
GdipClosePathFigure
GdipCreateImageAttributes
GdipGetGenericFontFamilySansSerif
GdipFree
GdipDrawPath
GdipDrawString
GdipBitmapLockBits
GdipSetPenLineJoin
GdipCreateFromHDC
GdipFillEllipse
GdipAddPathRectangle
GdipSetTextRenderingHint
GdipGetCellAscent
GdipDrawEllipse
GdipCloneBrush
GdipSetPenDashOffset
GdipMeasureString
GdipGetFontHeightGivenDPI
GdipGetImageGraphicsContext
GdipGetPathGradientPointCount
GdipAddPathArc
GdipDeleteGraphics
GdipClonePath
GdipDeleteFont
GdipStartPathFigure
GdipGetFontSize
GdipGetImageWidth

winmm

timeGetTime
timeBeginPeriod

comdlg32

GetOpenFileNameW
GetSaveFileNameW

shell32

ord190
SHOpenFolderAndSelectItems
ShellExecuteA
ord155
SHFileOperationW
SHGetSpecialFolderPathW
DragQueryFileW
ord74
ExtractAssociatedIconW
ShellExecuteW

ole32

CoCreateInstance
OleUninitialize
GetHGlobalFromStream
DoDragDrop
CreateStreamOnHGlobal
OleInitialize
RegisterDragDrop
RevokeDragDrop

gdi32

GetKerningPairsW
SelectObject
CreateSolidBrush
SetBkColor
SetTextColor
CreateRectRgn
CreateDIBSection
CombineRgn
DeleteDC
RestoreDC
CreateCompatibleDC
GetDeviceCaps
GetRegionData
GetTextMetricsW
ExcludeClipRect
CreateRectRgnIndirect
StretchDIBits
SaveDC
SetMapperFlags
GetGlyphIndicesW
DeleteObject
RemoveFontMemResourceEx
SetMapMode
CreateFontIndirectW
GetOutlineTextMetricsW
RemoveFontResourceExA
CreateBitmap
GetGlyphOutlineW
AddFontResourceExA

user32

TranslateMessage
GetMessageW
GetSystemMenu
GetMessageExtraInfo
GetMessagePos
FindWindowExW
GetFocus
IsWindowVisible
EnumChildWindows
EnumDisplayMonitors
ReleaseDC
GetDC
AttachThreadInput
GetWindowThreadProcessId
GetWindowTextW
EndPaint
BeginPaint
GetCursorPos
InvalidateRect
ReleaseCapture
GetParent
KillTimer
AppendMenuW
GetDlgItem
GetClientRect
SetWindowLongW
wsprintfW
SetCursor
SetCapture
LoadCursorW
SetFocus
DestroyMenu
TrackMouseEvent
SetMenuInfo
MapWindowPoints
RegisterClassW
PeekMessageW
SetMenuItemInfoW
GetWindowInfo
SetTimer
GetAsyncKeyState
IsWindow
TrackPopupMenu
CreatePopupMenu
SetWindowTextW
UnregisterClassW
GetSystemMetrics
SendMessageW
CreateWindowExW
SetWindowPos
DestroyWindow
GetWindowRect
MapVirtualKeyW
PostMessageW
CallWindowProcW
GetUpdateRgn
GetKeyState
DefWindowProcW
GetWindowTextLengthW
GetWindowLongW
GetClassNameW
DispatchMessageW
SetCursorPos
SetForegroundWindow
SystemParametersInfoW
EnableMenuItem
GetDesktopWindow
ShowCaret
UpdateLayeredWindow
ToUnicode
SetClipboardData
DestroyCaret
FindWindowW
GetClipboardData
SetLayeredWindowAttributes
GetMessageTime
EnumWindows
GetForegroundWindow
CreateCaret
IsChild
EmptyClipboard
CloseClipboard
CreateIconIndirect
GetMonitorInfoW
DestroyIcon
RedrawWindow
GetCapture
OpenClipboard
ShowWindow
GetActiveWindow
SetCaretPos
GetKeyboardState
DestroyCursor
GetWindowPlacement
WindowFromPoint
RegisterClassExW
MessageBeep
ScreenToClient

oleaut32

SysFreeString
SysAllocStringLen

wininet

InternetCloseHandle
InternetReadFile
HttpEndRequestW
InternetCrackUrlW
InternetConnectW
InternetSetOptionW
HttpSendRequestExW
InternetSetFilePointer
HttpQueryInfoW
InternetOpenW
FtpOpenFileW
InternetWriteFile
HttpOpenRequestW

shlwapi

SHCreateStreamOnFileEx

imm32

ImmSetCandidateWindow
ImmGetCompositionStringW
ImmReleaseContext
ImmGetContext
ImmNotifyIME

Exports

Exports

VSTPluginMain
main
mus_array_to_file
mus_array_to_file_with_error
mus_audio_close
mus_audio_compatible_sample_type
mus_audio_device_channels
mus_audio_device_sample_type
mus_audio_initialize
mus_audio_moniker
mus_audio_open_input
mus_audio_open_output
mus_audio_read
mus_audio_write
mus_bytes_per_sample
mus_bytes_to_samples
mus_clip_set_handler
mus_clip_set_handler_and_checker
mus_clipping
mus_error
mus_error_set_handler
mus_error_type_to_string
mus_expand_filename
mus_fclamp
mus_file_clipping
mus_file_close
mus_file_create
mus_file_fd_name
mus_file_header_type
mus_file_open_descriptors
mus_file_open_read
mus_file_open_write
mus_file_probe
mus_file_read
mus_file_read_any
mus_file_read_buffer
mus_file_read_chans
mus_file_read_file
mus_file_reopen_write
mus_file_save_data
mus_file_seek_frample
mus_file_set_chans
mus_file_set_clipping
mus_file_set_header_type
mus_file_to_array
mus_file_to_float_array
mus_file_write
mus_file_write_buffer
mus_file_write_file
mus_float_array_to_file
mus_format
mus_getcwd
mus_header_aiff_aux_comment
mus_header_aux_comment_end
mus_header_aux_comment_start
mus_header_base_detune
mus_header_base_note
mus_header_bits_per_sample
mus_header_block_align
mus_header_change_chans
mus_header_change_comment
mus_header_change_data_size
mus_header_change_location
mus_header_change_sample_type
mus_header_change_srate
mus_header_change_type
mus_header_chans
mus_header_comment_end
mus_header_comment_start
mus_header_data_location
mus_header_fact_samples
mus_header_initialize
mus_header_loop_end
mus_header_loop_mode
mus_header_loop_start
mus_header_mark_info
mus_header_mark_position
mus_header_no_header
mus_header_original_sample_type
mus_header_original_sample_type_name
mus_header_raw_defaults
mus_header_read
mus_header_riff_aux_comment
mus_header_sample_type
mus_header_samples
mus_header_set_aiff_loop_info
mus_header_set_raw_defaults
mus_header_sf2_end
mus_header_sf2_entries
mus_header_sf2_loop_end
mus_header_sf2_loop_start
mus_header_sf2_name
mus_header_sf2_start
mus_header_srate
mus_header_true_length
mus_header_type
mus_header_type_name
mus_header_type_specifier
mus_header_type_to_string
mus_header_writable
mus_header_write
mus_header_write_set_hook
mus_iclamp
mus_is_header_type
mus_is_sample_type
mus_max_malloc
mus_max_table_size
mus_oclamp
mus_print
mus_print_set_handler
mus_reset_audio_c
mus_reset_headers_c
mus_reset_io_c
mus_sample_type_name
mus_sample_type_short_name
mus_sample_type_to_string
mus_samples_bounds
mus_samples_to_bytes
mus_set_clipping
mus_set_max_malloc
mus_set_max_table_size
mus_sound_bits_per_sample
mus_sound_block_align
mus_sound_channel_maxamp
mus_sound_channel_maxamp_exists
mus_sound_channel_set_maxamp
mus_sound_chans
mus_sound_close_input
mus_sound_close_output
mus_sound_comment
mus_sound_comment_end
mus_sound_comment_start
mus_sound_data_location
mus_sound_datum_size
mus_sound_duration
mus_sound_fact_samples
mus_sound_forget
mus_sound_framples
mus_sound_header_type
mus_sound_initialize
mus_sound_length
mus_sound_loop_info
mus_sound_mark_info
mus_sound_maxamp_exists
mus_sound_maxamps
mus_sound_open_input
mus_sound_open_output
mus_sound_original_sample_type
mus_sound_override_header
mus_sound_prune
mus_sound_reopen_output
mus_sound_report_cache
mus_sound_sample_type
mus_sound_samples
mus_sound_saved_data
mus_sound_set_chans
mus_sound_set_data_location
mus_sound_set_header_type
mus_sound_set_loop_info
mus_sound_set_maxamps
mus_sound_set_sample_type
mus_sound_set_samples
mus_sound_set_saved_data
mus_sound_set_srate
mus_sound_srate
mus_sound_type_specifier
mus_sound_write_date
mus_strcat
mus_strcmp
mus_strdup
mus_strlen
mus_write_header

Sections

.text
Size: 3.2MB - Virtual size: 3.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 706KB - Virtual size: 705KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 63KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 143KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Update_30_09/Debug/Resource.dll
Update_30_09/Debug/main.ini
Update_30_09/Debug/ukm_db
Update_30_09/Launch.exe
.exe windows:4 windows x86 arch:x86

Password: github

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

#.47i(
Size: 300KB - Virtual size: 299KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Update_30_09/Packaged/Main.ini
.xml
Update_30_09/Packaged/Res_x64.dll
.dll windows:6 windows x64 arch:x64

Password: github

68a52d7dd14ee2effbb73575ae8a0035

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetLocaleInfoW
WaitForSingleObject
CreateFileW
GetFileAttributesW
GetSystemDirectoryW
UnmapViewOfFile
SetFileAttributesW
CreateEventW
GetFileInformationByHandle
FormatMessageW
GetLastError
GetFileAttributesExW
OutputDebugStringW
SetEvent
GetCurrentThread
TerminateThread
QueryPerformanceFrequency
DeleteFileW
CloseHandle
LoadLibraryW
GetCurrentDirectoryW
ReplaceFileW
DeleteCriticalSection
FreeLibrary
CopyFileW
CreateFileMappingW
MapViewOfFile
MoveFileW
GetDriveTypeW
FlushFileBuffers
SizeofResource
FindResourceA
GetVersionExW
GlobalSize
LoadLibraryA
LockResource
GlobalAlloc
GlobalFree
LoadResource
GlobalLock
WideCharToMultiByte
GetTickCount
GlobalUnlock
AreFileApisANSI
HeapCreate
HeapFree
GetFullPathNameW
GetDiskFreeSpaceW
OutputDebugStringA
LockFile
GetFullPathNameA
UnlockFileEx
HeapValidate
HeapSize
GetTempPathA
GetDiskFreeSpaceA
GetFileAttributesA
CreateFileA
WaitForSingleObjectEx
GetVersionExA
DeleteFileA
HeapReAlloc
GetSystemInfo
HeapAlloc
HeapCompact
HeapDestroy
UnlockFile
CreateFileMappingA
LocalFree
LockFileEx
GetFileSize
GetProcessHeap
SystemTimeToFileTime
GetTempPathW
GetCommandLineW
CompareStringEx
GetLocaleInfoEx
LCMapStringEx
DecodePointer
SleepConditionVariableSRW
SleepConditionVariableCS
WakeAllConditionVariable
WakeConditionVariable
InitializeConditionVariable
InitializeCriticalSectionEx
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitializeSRWLock
WriteConsoleW
MoveFileExW
SetStdHandle
GetStringTypeW
GetFileSizeEx
GetStdHandle
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
GetConsoleOutputCP
SetFilePointerEx
ReadConsoleW
GetConsoleMode
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetFileType
GetTimeZoneInformation
FreeLibraryAndExitThread
ExitThread
CreateThread
RtlPcToFileHeader
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
RtlUnwind
RaiseException
EncodePointer
SetLastError
InterlockedFlushSList
RtlUnwindEx
CreateMutexW
PeekNamedPipe
SetEndOfFile
SetFilePointer
LeaveCriticalSection
SetThreadPriority
GetModuleFileNameW
RemoveDirectoryW
GetModuleHandleExW
WriteFile
InitializeCriticalSection
FindNextFileW
EnterCriticalSection
FindFirstFileW
TryEnterCriticalSection
ReadFile
SetThreadAffinityMask
CreateDirectoryW
ExitProcess
GetSystemTime
GetProcAddress
Sleep
MultiByteToWideChar
GetModuleHandleA
GetVolumeInformationA
FindClose
lstrlenA
FindNextFileA
FindFirstFileA
GetModuleHandleW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
RtlCaptureContext
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
FormatMessageA
ResetEvent

gdiplus

GdipDrawPolygon
GdipCreatePen1
GdipCreateBitmapFromResource
GdipCreateFontFamilyFromName
GdipGetEmHeight
GdipAddPathString
GdipGetFamily
GdipSetImageAttributesColorMatrix
GdipGetImageHeight
GdipDeleteFontFamily
GdipAddPathLine
GdiplusShutdown
GdipSetPathFillMode
GdipDrawImageRectRectI
GdipDeleteMatrix
GdipSetPathGradientSurroundColorsWithCount
GdipCreateBitmapFromScan0
GdipDeletePen
GdipTranslateWorldTransform
GdiplusStartup
GdipGetLineSpacing
GdipSetClipRect
GdipSetPathGradientCenterPoint
GdipSetPenColor
GdipCloneImage
GdipBitmapUnlockBits
GdipTransformPath
GdipDeleteBrush
GdipIsVisiblePathPoint
GdipAlloc
GdipGetPathLastPoint
GdipCreateMatrix2
GdipAddPathBezier
GdipDisposeImageAttributes
GdipDeletePath
GdipSetPathGradientCenterColor
GdipCreatePathGradientFromPath
GdipCreateBitmapFromStreamICM
GdipCreateMatrix
GdipDisposeImage
GdipSetMatrixElements
GdipSetSmoothingMode
GdipSetWorldTransform
GdipGetWorldTransform
GdipCreateLineBrush
GdipCreatePath
GdipFillPolygon
GdipCreateFont
GdipSetLinePresetBlend
GdipSetInterpolationMode
GdipGetDpiY
GdipGetCellDescent
GdipSetPenLineCap197819
GdipCreateSolidFill
GdipGetFontStyle
GdipFillPath
GdipGetPathWorldBounds
GdipSetPenDashArray
GdipSetPenDashStyle
GdipSetPenWidth
GdipCreateFromHWND
GdipDrawLine
GdipDrawRectangle
GdipCreateHBITMAPFromBitmap
GdipSetPixelOffsetMode
GdipFillRectangle
GdipAddPathEllipse
GdipSetPageUnit
GdipSetSolidFillColor
GdipClosePathFigure
GdipCreateImageAttributes
GdipGetGenericFontFamilySansSerif
GdipFree
GdipDrawPath
GdipDrawString
GdipBitmapLockBits
GdipSetPenLineJoin
GdipCreateFromHDC
GdipFillEllipse
GdipAddPathRectangle
GdipSetTextRenderingHint
GdipGetCellAscent
GdipDrawEllipse
GdipCloneBrush
GdipSetPenDashOffset
GdipMeasureString
GdipGetFontHeightGivenDPI
GdipGetImageGraphicsContext
GdipGetPathGradientPointCount
GdipAddPathArc
GdipDeleteGraphics
GdipClonePath
GdipDeleteFont
GdipStartPathFigure
GdipGetFontSize
GdipGetImageWidth

winmm

timeGetTime
timeBeginPeriod

comdlg32

GetOpenFileNameW
GetSaveFileNameW

shell32

ord190
SHOpenFolderAndSelectItems
ShellExecuteA
ord155
SHFileOperationW
SHGetSpecialFolderPathW
DragQueryFileW
ord74
ExtractAssociatedIconW
ShellExecuteW

ole32

CoCreateInstance
OleUninitialize
GetHGlobalFromStream
DoDragDrop
CreateStreamOnHGlobal
OleInitialize
RegisterDragDrop
RevokeDragDrop

gdi32

GetKerningPairsW
SelectObject
CreateSolidBrush
SetBkColor
GetRegionData
SetTextColor
CreateDIBSection
CombineRgn
DeleteDC
RestoreDC
ExcludeClipRect
CreateCompatibleDC
GetTextMetricsW
GetDeviceCaps
CreateRectRgn
CreateRectRgnIndirect
StretchDIBits
SaveDC
SetMapperFlags
GetGlyphIndicesW
DeleteObject
RemoveFontMemResourceEx
SetMapMode
CreateFontIndirectW
GetOutlineTextMetricsW
RemoveFontResourceExA
CreateBitmap
GetGlyphOutlineW
AddFontResourceExA

user32

GetSystemMenu
GetMessageExtraInfo
GetMessagePos
FindWindowExW
GetFocus
IsWindowVisible
EnumChildWindows
ReleaseDC
GetDC
AttachThreadInput
GetWindowThreadProcessId
GetWindowTextW
EndPaint
BeginPaint
GetCursorPos
InvalidateRect
ReleaseCapture
GetParent
KillTimer
AppendMenuW
GetDlgItem
GetClientRect
SetWindowLongW
wsprintfW
SetCursor
SetCapture
LoadCursorW
SetFocus
DestroyMenu
TrackMouseEvent
SetMenuInfo
MapWindowPoints
RegisterClassW
PeekMessageW
SetMenuItemInfoW
GetWindowInfo
SetTimer
GetAsyncKeyState
IsWindow
TrackPopupMenu
GetWindowLongPtrW
CreatePopupMenu
SetWindowTextW
UnregisterClassW
GetSystemMetrics
SendMessageW
CreateWindowExW
SetWindowLongPtrW
SetWindowPos
DestroyWindow
GetWindowRect
MapVirtualKeyW
PostMessageW
CallWindowProcW
GetUpdateRgn
GetKeyState
DefWindowProcW
GetWindowTextLengthW
GetWindowLongW
GetClassNameW
DispatchMessageW
SetCursorPos
SetForegroundWindow
SystemParametersInfoW
EnableMenuItem
GetDesktopWindow
ShowCaret
UpdateLayeredWindow
ToUnicode
SetClipboardData
DestroyCaret
FindWindowW
GetClipboardData
SetLayeredWindowAttributes
GetMessageTime
EnumWindows
GetForegroundWindow
CreateCaret
IsChild
EmptyClipboard
CloseClipboard
CreateIconIndirect
GetMonitorInfoW
DestroyIcon
RedrawWindow
GetCapture
OpenClipboard
ShowWindow
GetActiveWindow
SetCaretPos
GetKeyboardState
DestroyCursor
GetWindowPlacement
WindowFromPoint
RegisterClassExW
MessageBeep
ScreenToClient
EnumDisplayMonitors

oleaut32

SysFreeString
SysAllocStringLen

wininet

InternetCloseHandle
InternetReadFile
HttpEndRequestW
InternetCrackUrlW
InternetConnectW
InternetSetOptionW
HttpSendRequestExW
InternetSetFilePointer
HttpQueryInfoW
InternetOpenW
FtpOpenFileW
InternetWriteFile
HttpOpenRequestW

shlwapi

SHCreateStreamOnFileEx

imm32

ImmSetCandidateWindow
ImmGetCompositionStringW
ImmReleaseContext
ImmGetContext
ImmNotifyIME

Exports

Exports

VSTPluginMain
main
mus_array_to_file
mus_array_to_file_with_error
mus_audio_close
mus_audio_compatible_sample_type
mus_audio_device_channels
mus_audio_device_sample_type
mus_audio_initialize
mus_audio_moniker
mus_audio_open_input
mus_audio_open_output
mus_audio_read
mus_audio_write
mus_bytes_per_sample
mus_bytes_to_samples
mus_clip_set_handler
mus_clip_set_handler_and_checker
mus_clipping
mus_error
mus_error_set_handler
mus_error_type_to_string
mus_expand_filename
mus_fclamp
mus_file_clipping
mus_file_close
mus_file_create
mus_file_fd_name
mus_file_header_type
mus_file_open_descriptors
mus_file_open_read
mus_file_open_write
mus_file_probe
mus_file_read
mus_file_read_any
mus_file_read_buffer
mus_file_read_chans
mus_file_read_file
mus_file_reopen_write
mus_file_save_data
mus_file_seek_frample
mus_file_set_chans
mus_file_set_clipping
mus_file_set_header_type
mus_file_to_array
mus_file_to_float_array
mus_file_write
mus_file_write_buffer
mus_file_write_file
mus_float_array_to_file
mus_format
mus_getcwd
mus_header_aiff_aux_comment
mus_header_aux_comment_end
mus_header_aux_comment_start
mus_header_base_detune
mus_header_base_note
mus_header_bits_per_sample
mus_header_block_align
mus_header_change_chans
mus_header_change_comment
mus_header_change_data_size
mus_header_change_location
mus_header_change_sample_type
mus_header_change_srate
mus_header_change_type
mus_header_chans
mus_header_comment_end
mus_header_comment_start
mus_header_data_location
mus_header_fact_samples
mus_header_initialize
mus_header_loop_end
mus_header_loop_mode
mus_header_loop_start
mus_header_mark_info
mus_header_mark_position
mus_header_no_header
mus_header_original_sample_type
mus_header_original_sample_type_name
mus_header_raw_defaults
mus_header_read
mus_header_riff_aux_comment
mus_header_sample_type
mus_header_samples
mus_header_set_aiff_loop_info
mus_header_set_raw_defaults
mus_header_sf2_end
mus_header_sf2_entries
mus_header_sf2_loop_end
mus_header_sf2_loop_start
mus_header_sf2_name
mus_header_sf2_start
mus_header_srate
mus_header_true_length
mus_header_type
mus_header_type_name
mus_header_type_specifier
mus_header_type_to_string
mus_header_writable
mus_header_write
mus_header_write_set_hook
mus_iclamp
mus_is_header_type
mus_is_sample_type
mus_max_malloc
mus_max_table_size
mus_oclamp
mus_print
mus_print_set_handler
mus_reset_audio_c
mus_reset_headers_c
mus_reset_io_c
mus_sample_type_name
mus_sample_type_short_name
mus_sample_type_to_string
mus_samples_bounds
mus_samples_to_bytes
mus_set_clipping
mus_set_max_malloc
mus_set_max_table_size
mus_sound_bits_per_sample
mus_sound_block_align
mus_sound_channel_maxamp
mus_sound_channel_maxamp_exists
mus_sound_channel_set_maxamp
mus_sound_chans
mus_sound_close_input
mus_sound_close_output
mus_sound_comment
mus_sound_comment_end
mus_sound_comment_start
mus_sound_data_location
mus_sound_datum_size
mus_sound_duration
mus_sound_fact_samples
mus_sound_forget
mus_sound_framples
mus_sound_header_type
mus_sound_initialize
mus_sound_length
mus_sound_loop_info
mus_sound_mark_info
mus_sound_maxamp_exists
mus_sound_maxamps
mus_sound_open_input
mus_sound_open_output
mus_sound_original_sample_type
mus_sound_override_header
mus_sound_prune
mus_sound_reopen_output
mus_sound_report_cache
mus_sound_sample_type
mus_sound_samples
mus_sound_saved_data
mus_sound_set_chans
mus_sound_set_data_location
mus_sound_set_header_type
mus_sound_set_loop_info
mus_sound_set_maxamps
mus_sound_set_sample_type
mus_sound_set_samples
mus_sound_set_saved_data
mus_sound_set_srate
mus_sound_srate
mus_sound_type_specifier
mus_sound_write_date
mus_strcat
mus_strcmp
mus_strdup
mus_strlen
mus_write_header

Sections

.text
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 984KB - Virtual size: 983KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 46KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 158KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 252B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Update_30_09/Packaged/Resource.dll
Update_30_09/Packaged/Utils.dll
.xml
Update_30_09/accessibilitycpl.dll
.dll regsvr32 windows:10 windows x64 arch:x64

Password: github

164af912471cbe0c60259e8ab08b3a77

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

AccessibilityCpl.pdb

Imports

msvcrt

wcsspn
_vsnprintf_s
_wcslwr_s
__CxxFrameHandler3
wcscspn
wcsrchr
_ltow_s
_vsnwprintf
memcpy
memcmp
?terminate@@YAXXZ
??1type_info@@UEAA@XZ
memset
_onexit
__dllonexit
_unlock
_lock
_initterm
_amsg_exit
_XcptFilter
calloc
wcsstr
_wcsicmp
__C_specific_handler
malloc
free
vswprintf_s
_vscwprintf
memmove_s
_itow_s
memcpy_s
_wtoi
wcschr
wcscmp

api-ms-win-core-heap-l1-1-0

HeapFree
GetProcessHeap
HeapReAlloc
HeapSize
HeapDestroy
HeapAlloc

api-ms-win-eventing-classicprovider-l1-1-0

UnregisterTraceGuids
GetTraceLoggerHandle
TraceMessage
RegisterTraceGuidsW
GetTraceEnableFlags
GetTraceEnableLevel

api-ms-win-core-libraryloader-l1-2-0

LoadStringW
SizeofResource
GetModuleHandleW
FreeLibrary
DisableThreadLibraryCalls
GetModuleFileNameA
GetProcAddress
FindResourceExW
LoadResource
LockResource
GetModuleHandleExW

api-ms-win-eventing-provider-l1-1-0

EventSetInformation
EventWriteTransfer
EventUnregister
EventRegister

api-ms-win-core-processthreads-l1-1-0

GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
TerminateProcess

api-ms-win-core-com-l1-1-0

CoTaskMemFree
StringFromGUID2
CoCreateInstance
CreateStreamOnHGlobal

api-ms-win-core-errorhandling-l1-1-0

SetUnhandledExceptionFilter
RaiseException
UnhandledExceptionFilter
GetLastError
SetLastError

oleaut32

VariantClear
SysAllocString

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-registry-l1-1-0

RegQueryValueExW
RegGetValueW
RegCloseKey
RegLoadMUIStringW
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW
RegOpenKeyExW

api-ms-win-core-localization-l1-2-0

FormatMessageW
GetLocaleInfoW
GetUserDefaultLCID

api-ms-win-core-debug-l1-1-0

IsDebuggerPresent
DebugBreak
OutputDebugStringW

api-ms-win-core-synch-l1-1-0

ReleaseSemaphore
ReleaseMutex
LeaveCriticalSection
EnterCriticalSection
WaitForSingleObjectEx
CreateMutexExW
CreateSemaphoreExW
OpenSemaphoreW
DeleteCriticalSection
InitializeCriticalSection
WaitForSingleObject

api-ms-win-core-processenvironment-l1-1-0

ExpandEnvironmentStringsW

api-ms-win-core-synch-l1-2-0

InitOnceBeginInitialize
InitOnceComplete
Sleep

api-ms-win-core-heap-l2-1-0

GlobalAlloc
GlobalFree

api-ms-win-core-string-l1-1-0

WideCharToMultiByte
MultiByteToWideChar

api-ms-win-core-libraryloader-l1-2-1

LoadLibraryW

api-ms-win-core-rtlsupport-l1-1-0

RtlLookupFunctionEntry
RtlVirtualUnwind
RtlCaptureContext

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime
GetTickCount

ntdll

EtwEventWriteTransfer
EtwLogTraceEvent
WinSqmAddToStream
WinSqmIncrementDWORD
WinSqmSetDWORD
WinSqmIsOptedIn

kernel32

GetFileAttributesW
DeleteFileW
CompareStringOrdinal
LoadLibraryExW
OpenMutexW
OpenJobObjectW
IsProcessInJob
OOBEComplete
GetThreadUILanguage
GetProcessMitigationPolicy
LocalAlloc
ReleaseSRWLockShared
DeleteProcThreadAttributeList
CreateThreadpoolTimer
InitializeCriticalSectionEx
AcquireSRWLockShared
AcquireSRWLockExclusive
CloseThreadpoolTimer
WaitForThreadpoolTimerCallbacks
SetThreadpoolTimer
GetModuleFileNameW
DeactivateActCtx
UpdateProcThreadAttribute
InitializeProcThreadAttributeList
LocalFree
ActivateActCtx
ReleaseActCtx
CreateActCtxW
ReleaseSRWLockExclusive
CreateProcessW
GetAtomNameW
GlobalLock
GlobalUnlock
K32EnumProcesses
ProcessIdToSessionId
OpenProcess
K32EnumProcessModules
K32GetModuleBaseNameW

shlwapi

SHStrDupW
ord156
ord174
ord24
ord176
ord514
ord256
ord437
ord172
ord278
ord158
ord204
ord219
ord199
ord618

shell32

ord25
SHParseDisplayName
SHGetStockIconInfo
ShellExecuteExW
ShellExecuteW
ord155
ord18
SHBindToObject

ole32

CoTaskMemAlloc
CoGetObject

user32

GetWindowLongPtrW
GetFocus
DestroyIcon
SetTimer
DestroyWindow
SystemParametersInfoW
UnregisterClassA
KillTimer
SendMessageW
DefWindowProcW
SendInput
GetKeyState
GetShellWindow
GetWindowThreadProcessId
GetUserObjectInformationW
GetThreadDesktop
SetDesktopColorTransform
SendNotifyMessageW

dui70

?SetAccessible@Element@DirectUI@@QEAAJ_N@Z
?ClickDefaultButton@XProvider@DirectUI@@UEAAHXZ
?ForceThemeChange@XProvider@DirectUI@@UEAAJ_K_J@Z
?GetHostedElementID@XProvider@DirectUI@@UEAAJPEAG@Z
?FindElementWithShortcutAndDoDefaultAction@XProvider@DirectUI@@UEAAHGH@Z
?CanSetFocus@XProvider@DirectUI@@UEAAJPEA_N@Z
?Navigate@XProvider@DirectUI@@UEAAJHPEA_N@Z
?SetFocus@XProvider@DirectUI@@UEAAJPEAVElement@2@@Z
?IsDescendent@XProvider@DirectUI@@UEAAJPEAVElement@2@PEA_N@Z
?GetDesiredSize@XProvider@DirectUI@@UEAAJHHPEAUtagSIZE@@@Z
?SetParameter@XProvider@DirectUI@@UEAAJAEBU_GUID@@PEAX@Z
?AddRef@XProvider@DirectUI@@UEAAKXZ
?GetClassInfoPtr@HWNDElement@DirectUI@@SAPEAUIClassInfo@2@XZ
?SetDefaultButtonTracking@XProvider@DirectUI@@UEAAJ_N@Z
?SetHandleEnterKey@XProvider@DirectUI@@IEAAX_N@Z
?CreateDUI@XProvider@DirectUI@@UEAAJPEAVIXElementCP@2@PEAPEAUHWND__@@@Z
?GetRoot@XProvider@DirectUI@@IEAAPEAVElement@2@XZ
?Initialize@XProvider@DirectUI@@QEAAJPEAVElement@2@PEAVIXProviderCP@2@@Z
?Create@XResourceProvider@DirectUI@@SAJPEAUHINSTANCE__@@PEBG11PEAPEAV12@@Z
?QueryInterface@XProvider@DirectUI@@UEAAJAEBU_GUID@@PEAPEAX@Z
??1XProvider@DirectUI@@UEAA@XZ
??0XProvider@DirectUI@@QEAA@XZ
?QueryInterface@Element@DirectUI@@UEAAJAEBU_GUID@@PEAPEAX@Z
?GetClassInfoPtr@Element@DirectUI@@SAPEAUIClassInfo@2@XZ
?Register@Element@DirectUI@@SAJXZ
?GetAtomZero@Value@DirectUI@@SAPEAV12@XZ
?GetValue@Element@DirectUI@@QEAAPEAVValue@2@PEBUPropertyInfo@2@HPEAUUpdateCache@2@@Z
?GetStringNull@Value@DirectUI@@SAPEAV12@XZ
?SetButtonClassAcceptsEnterKey@XProvider@DirectUI@@UEAAJ_N@Z
?CreateXBaby@XProvider@DirectUI@@UEAAJPEAVIXElementCP@2@PEAUHWND__@@PEAVElement@2@PEAKPEAPEAUIXBaby@2@@Z
InitProcessPriv
InitThread
?GetUnset@Value@DirectUI@@SAPEAV12@XZ
?GetValue@Element@DirectUI@@QEAAPEAVValue@2@P6APEBUPropertyInfo@2@XZHPEAUUpdateCache@2@@Z
?CustomProp@Element@DirectUI@@SAPEBUPropertyInfo@2@XZ
?GetContentString@Element@DirectUI@@QEAAPEBGPEAPEAVValue@2@@Z
?GetClassInfoPtr@TouchSwitch@DirectUI@@SAPEAUIClassInfo@2@XZ
?GetOnText@TouchSwitch@DirectUI@@QEAAPEBGPEAPEAVValue@2@@Z
?GetOffText@TouchSwitch@DirectUI@@QEAAPEBGPEAPEAVValue@2@@Z
?GetToggleValue@TouchSwitch@DirectUI@@QEAAHXZ
?SliderUpdated@TouchSlider@DirectUI@@SA?AVUID@@XZ
?RemoveListener@Element@DirectUI@@QEAAXPEAUIElementListener@2@@Z
?AddListener@Element@DirectUI@@QEAAJPEAUIElementListener@2@@Z
?BackgroundProp@Element@DirectUI@@SAPEBUPropertyInfo@2@XZ
?ForegroundProp@Element@DirectUI@@SAPEBUPropertyInfo@2@XZ
?SetAccName@Element@DirectUI@@QEAAJPEBG@Z
??1IDataEngine@DirectUI@@UEAA@XZ
??0IDataEngine@DirectUI@@QEAA@XZ
??1IDataEntry@DirectUI@@UEAA@XZ
??0IDataEntry@DirectUI@@QEAA@XZ
?GetClass@Element@DirectUI@@QEAAPEBGPEAPEAVValue@2@@Z
?SetActive@Element@DirectUI@@QEAAJH@Z
??0CritSecLock@DirectUI@@QEAA@PEAU_RTL_CRITICAL_SECTION@@@Z
??1CritSecLock@DirectUI@@QEAA@XZ
?IsRTLReading@Element@DirectUI@@UEAA_NXZ
?IsContentProtected@Element@DirectUI@@UEAA_NXZ
?UpdateTooltip@Element@DirectUI@@MEAAXPEAV12@@Z
?ActivateTooltip@Element@DirectUI@@MEAAXPEAV12@K@Z
?RemoveTooltip@Element@DirectUI@@MEAAXPEAV12@@Z
?GetKeyFocused@Element@DirectUI@@UEAA_NXZ
?AssertPIZeroRef@ClassInfoBase@DirectUI@@UEBAXXZ
?GetChildren@ClassInfoBase@DirectUI@@UEBAHXZ
?RemoveChild@ClassInfoBase@DirectUI@@UEAAXXZ
?AddChild@ClassInfoBase@DirectUI@@UEAAXXZ
?IsGlobal@ClassInfoBase@DirectUI@@UEBA_NXZ
?GetModule@ClassInfoBase@DirectUI@@UEBAPEAUHINSTANCE__@@XZ
?IsSubclassOf@ClassInfoBase@DirectUI@@UEBA_NPEAUIClassInfo@2@@Z
?IsValidProperty@ClassInfoBase@DirectUI@@UEBA_NPEBUPropertyInfo@2@@Z
?GetName@ClassInfoBase@DirectUI@@UEBAPEBGXZ
?GetGlobalIndex@ClassInfoBase@DirectUI@@UEBAIXZ
?GetPICount@ClassInfoBase@DirectUI@@UEBAIXZ
?GetByClassIndex@ClassInfoBase@DirectUI@@UEAAPEBUPropertyInfo@2@I@Z
?EnumPropertyInfo@ClassInfoBase@DirectUI@@UEAAPEBUPropertyInfo@2@I@Z
?Release@ClassInfoBase@DirectUI@@UEAAHXZ
?AddRef@ClassInfoBase@DirectUI@@UEAAXXZ
?GetUiaFocusDelegate@Element@DirectUI@@UEAAPEAV12@XZ
?HandleUiaEventListener@Element@DirectUI@@UEAAXPEAUEvent@2@@Z
?HandleUiaPropertyChangingListener@Element@DirectUI@@UEAAXPEBUPropertyInfo@2@@Z
?HandleUiaPropertyListener@Element@DirectUI@@UEAAXPEBUPropertyInfo@2@HPEAVValue@2@1@Z
?HandleUiaDestroyListener@Element@DirectUI@@UEAAXXZ
?GetElementProviderImpl@Element@DirectUI@@UEAAJPEAVInvokeHelper@2@PEAPEAVElementProvider@2@@Z
?GetUIAElementProvider@Element@DirectUI@@UEAAJAEBU_GUID@@PEAPEAX@Z
?DefaultAction@Element@DirectUI@@UEAAJXZ
?GetAccessibleImpl@Element@DirectUI@@UEAAJPEAPEAUIAccessible@@@Z
?OnUnHosted@Element@DirectUI@@MEAAXPEAV12@@Z
?OnHosted@Element@DirectUI@@MEAAXPEAV12@@Z
?_SelfLayoutUpdateDesiredSize@Element@DirectUI@@MEAA?AUtagSIZE@@HHPEAVSurface@2@@Z
?_SelfLayoutDoLayout@Element@DirectUI@@MEAAXHH@Z
?GetImmersiveFocusRectOffsets@Element@DirectUI@@UEAAXPEAUtagRECT@@@Z
?MessageCallback@Element@DirectUI@@UEAAIPEAUtagGMSG@@@Z
?RemoveBehavior@Element@DirectUI@@UEAAJPEAUIDuiBehavior@@@Z
?AddBehavior@Element@DirectUI@@UEAAJPEAUIDuiBehavior@@@Z
?SetKeyFocus@Element@DirectUI@@UEAAXXZ
?EnsureVisible@Element@DirectUI@@UEAA_NHHHH@Z
?GetAdjacent@Element@DirectUI@@UEAAPEAV12@PEAV12@HPEBUNavReference@2@K@Z
?Remove@Element@DirectUI@@UEAAJPEAPEAV12@I@Z
?Insert@Element@DirectUI@@UEAAJPEAPEAV12@II@Z
?Add@Element@DirectUI@@UEAAJPEAPEAV12@I@Z
?GetContentSize@Element@DirectUI@@UEAA?AUtagSIZE@@HHPEAVSurface@2@@Z
?Paint@Element@DirectUI@@UEAAXPEAUHDC__@@PEBUtagRECT@@1PEAU4@2@Z
?OnDestroy@Element@DirectUI@@UEAAXXZ
?OnMouseFocusMoved@Element@DirectUI@@UEAAXPEAV12@0@Z
?OnGroupChanged@Element@DirectUI@@UEAAXH_N@Z
?OnPropertyChanged@Element@DirectUI@@UEAAXPEAUPropertyInfo@2@HPEAVValue@2@1@Z
?OnPropertyChanged@Element@DirectUI@@UEAAXPEBUPropertyInfo@2@HPEAVValue@2@1@Z
?OnPropertyChanging@Element@DirectUI@@UEAA_NPEAUPropertyInfo@2@HPEAVValue@2@1@Z
?OnPropertyChanging@Element@DirectUI@@UEAA_NPEBUPropertyInfo@2@HPEAVValue@2@1@Z
?GetContentStringAsDisplayed@Element@DirectUI@@UEAAPEBGPEAPEAVValue@2@@Z
??1ClassInfoBase@DirectUI@@UEAA@XZ
??0ClassInfoBase@DirectUI@@QEAA@XZ
?Destroy@Element@DirectUI@@QEAAJ_N@Z
?Initialize@ClassInfoBase@DirectUI@@QEAAJPEAUHINSTANCE__@@PEBG_NPEBQEBUPropertyInfo@2@I@Z
?Register@ClassInfoBase@DirectUI@@QEAAJXZ
?ClassExist@ClassInfoBase@DirectUI@@SA_NPEAPEAUIClassInfo@2@PEBQEBUPropertyInfo@2@IPEAU32@PEAUHINSTANCE__@@PEBG_N@Z
?GetFactoryLock@Element@DirectUI@@SAPEAU_RTL_CRITICAL_SECTION@@XZ
?OnKeyFocusMoved@Element@DirectUI@@UEAAXPEAV12@0@Z
?OnEvent@Element@DirectUI@@UEAAXPEAUEvent@2@@Z
?OnInput@Element@DirectUI@@UEAAXPEAUInputEvent@2@@Z
??1Element@DirectUI@@UEAA@XZ
??0Element@DirectUI@@QEAA@XZ
?Initialize@Element@DirectUI@@QEAAJIPEAV12@PEAK@Z
?Release@Value@DirectUI@@QEAAXXZ
?GetChildren@Element@DirectUI@@QEAAPEAV?$DynamicArray@PEAVElement@DirectUI@@$0A@@2@PEAPEAVValue@2@@Z
?SetWidth@Element@DirectUI@@QEAAJH@Z
?SetLayoutPos@Element@DirectUI@@QEAAJH@Z
?SetContentString@Element@DirectUI@@QEAAJPEBG@Z
?SetSelected@Element@DirectUI@@QEAAJ_N@Z
?SetShortcut@Element@DirectUI@@QEAAJH@Z
?SetEnabled@Element@DirectUI@@QEAAJ_N@Z
?SetSelection@Combobox@DirectUI@@QEAAJH@Z
GetElementDataEntry
?Init@NavReference@DirectUI@@QEAAXPEAVElement@2@PEAUtagRECT@@@Z
?SetDataEngine@Repeater@DirectUI@@QEAAXPEAUIDataEngine@2@@Z
?AddString@Combobox@DirectUI@@QEAAHPEBG@Z
?SelectionChange@Combobox@DirectUI@@SA?AVUID@@XZ
?Click@Button@DirectUI@@SA?AVUID@@XZ
StrToID
?FindDescendent@Element@DirectUI@@QEAAPEAV12@G@Z
?GetClassInfoPtr@ScrollViewer@DirectUI@@SAPEAUIClassInfo@2@XZ
?GetClassInfoPtr@CCTrackBar@DirectUI@@SAPEAUIClassInfo@2@XZ
?GetClassInfoPtr@CCSysLink@DirectUI@@SAPEAUIClassInfo@2@XZ
?GetClassInfoPtr@CCCheckBox@DirectUI@@SAPEAUIClassInfo@2@XZ
?GetClassInfoPtr@CCBase@DirectUI@@SAPEAUIClassInfo@2@XZ
?GetClassInfoPtr@Combobox@DirectUI@@SAPEAUIClassInfo@2@XZ
UnInitProcessPriv
UnInitThread
?SetRegisteredDefaultButton@XProvider@DirectUI@@UEAAJPEAVElement@2@@Z

dwmapi

DwmIsCompositionEnabled

sspicli

GetUserNameExW

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllInstall
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 191KB - Virtual size: 190KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Update_30_09/buffed/chidedOcurred.xml
.xml
Update_30_09/buffed/decineSatoriiCoppy.xml
.xml
Update_30_09/buffed/ecocide.xml
.xml
Update_30_09/buffed/gheddaOptimal.xml
.xml
Update_30_09/buffed/pickup.xml
.xml
Update_30_09/buffed/pictaviSina.xml
.xml
Update_30_09/oleprn.dll
.dll regsvr32 windows:10 windows x64 arch:x64

Password: github

5a9a8e0a0dd00c835eee8847bfab87ac

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

oleprn.pdb

Imports

msvcrt

_wtol
_wcsnicmp
_vsnwprintf
_purecall
free
__C_specific_handler
memcpy_s
_local_unwind
memcpy
_onexit
__dllonexit
_unlock
_lock
_initterm
_amsg_exit
_XcptFilter
_callnewh
wcscspn
wcsrchr
wcschr
realloc
malloc
iswalnum
iswxdigit
iswdigit
towlower
memset

atl

ord25
ord27
ord30
ord31
ord22
ord18
ord15
ord21
ord16
ord23
ord26
ord32

ntdll

NtOpenThreadToken
NtSetInformationThread
NtClose
WinSqmIncrementDWORD
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
RtlNtStatusToDosError

kernel32

GetComputerNameW
SetLastError
lstrcmpW
CompareStringOrdinal
FormatMessageW
GetWindowsDirectoryW
GetFileAttributesW
GetSystemDefaultLocaleName
FreeLibrary
LoadLibraryExW
GlobalFree
DeleteFileW
CreateThread
WaitForSingleObject
GetExitCodeProcess
WriteFile
GetTempPathW
CreateFileW
HeapFree
VirtualFree
LoadLibraryExA
EncodePointer
HeapAlloc
DecodePointer
GetProcessHeap
FlushInstructionCache
InterlockedPushEntrySList
InterlockedPopEntrySList
Sleep
ReleaseSRWLockExclusive
WakeAllConditionVariable
SleepConditionVariableSRW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetTickCount
LocalAlloc
MultiByteToWideChar
ReleaseSemaphore
GetModuleHandleExW
ReleaseMutex
OutputDebugStringW
WaitForSingleObjectEx
OpenSemaphoreW
CreateMutexExW
IsDebuggerPresent
DisableThreadLibraryCalls
DeleteCriticalSection
InitializeCriticalSection
LocalFree
GlobalUnlock
GlobalLock
GlobalAlloc
CloseHandle
GetCurrentProcess
GetProcAddress
lstrcmpiW
GetModuleFileNameA
CreateSemaphoreExW
GetVersionExW
GetModuleHandleW
GetLastError
GetCurrentThreadId
RaiseException
DebugBreak
LeaveCriticalSection
EnterCriticalSection
GetSystemInfo
VirtualQuery
VirtualAlloc
VirtualProtect
AcquireSRWLockExclusive
WideCharToMultiByte

advapi32

RegOpenKeyW
TraceMessage
UnregisterTraceGuids
RegisterTraceGuidsW
GetTraceEnableFlags
GetTraceEnableLevel
GetTraceLoggerHandle
RegQueryValueExW
RegOpenKeyExW
RegCloseKey

user32

CallWindowProcW
CreateWindowExW
DefWindowProcW
UnionRect
PtInRect
GetClassInfoW
RegisterClassW
GetWindowLongPtrW
SetWindowLongPtrW
GetForegroundWindow
GetLastActivePopup
GetDesktopWindow
MessageBoxW
RegisterClassExW
wsprintfW
LoadCursorW
GetClassInfoExW
SendMessageW
GetWindow
EndPaint
GetClientRect
BeginPaint
InvalidateRect
DestroyWindow
SetWindowPos
SetWindowRgn
OffsetRect
EqualRect
IsWindow
ShowWindow
SetFocus
GetParent
LoadStringW
PeekMessageW
IntersectRect

winspool.drv

ClosePrinter
XcvDataW
GetPrinterDataExW
EnumPortsW
DeviceCapabilitiesW
AddPrinterConnectionW
ConfigurePortW
ord203
ord204
EnumJobsW
GetPrinterW
GetPrinterDriverW
GetPrinterDataW
OpenPrinterW

wininet

InternetOpenW
InternetOpenUrlW
HttpQueryInfoW
InternetReadFile
InternetCloseHandle
InternetCanonicalizeUrlW
InternetErrorDlg

gdi32

SetViewportOrgEx
SetMapMode
LPtoDP
GetDeviceCaps
DeleteMetaFile
CloseMetaFile
RestoreDC
SetWindowExtEx
SetWindowOrgEx
SaveDC
CreateMetaFileW
DeleteDC
CreateRectRgnIndirect

shell32

ShellExecuteExW

ole32

StringFromCLSID
CoTaskMemFree
CreateOleAdviseHolder
CreateDataAdviseHolder
OleRegGetMiscStatus
OleRegGetUserType
CoCreateGuid
OleRegEnumVerbs
CoCreateInstance

oleaut32

SysFreeString
SysAllocStringLen
SysAllocString
VariantClear
VariantInit
VariantChangeType
LoadRegTypeLi
SetErrorInfo
OleCreatePropertyFrame
SafeArrayGetDim
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayCreate
SafeArrayDestroy
SafeArrayRedim
SafeArrayPutElement
SafeArrayGetElement

clusapi

GetNodeClusterState

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Update_30_09/wwancfg.dll
.dll windows:10 windows x64 arch:x64

Password: github

49decdfb6773b3da00526a10323a4d5d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

wwancfg.pdb

Imports

msvcrt

_callnewh
memcpy
memcpy_s
_wcsicmp
__C_specific_handler
_initterm
malloc
_amsg_exit
_XcptFilter
free
_wtoi
wcsstr
toupper
memcmp
__CxxFrameHandler3
iswdigit
memset

ntdll

EtwGetTraceLoggerHandle
EtwTraceMessage
EtwGetTraceEnableFlags
EtwUnregisterTraceGuids
RtlIpv4AddressToStringW
EtwGetTraceEnableLevel
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
RtlIpv6StringToAddressW
RtlIpv4StringToAddressW
RtlIpv6AddressToStringW
EtwRegisterTraceGuidsW

api-ms-win-core-errorhandling-l1-1-0

UnhandledExceptionFilter
SetUnhandledExceptionFilter
RaiseException
SetLastError
GetLastError

api-ms-win-core-libraryloader-l1-2-0

DisableThreadLibraryCalls
LoadStringW

api-ms-win-core-com-l1-1-0

StringFromGUID2
CoCreateInstance
IIDFromString
CoUninitialize
CoInitializeEx
CLSIDFromString
CoTaskMemFree
StringFromCLSID

api-ms-win-core-synch-l1-1-0

SetEvent
CreateEventW
WaitForMultipleObjectsEx

api-ms-win-core-string-l1-1-0

MultiByteToWideChar

api-ms-win-core-sysinfo-l1-1-0

GetTickCount64
GetTickCount
GetSystemTimeAsFileTime

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-timezone-l1-1-0

FileTimeToSystemTime

api-ms-win-core-file-l1-1-0

SetFileInformationByHandle
FileTimeToLocalFileTime
CreateFileW

api-ms-win-core-datetime-l1-1-0

GetDateFormatW
GetTimeFormatW

api-ms-win-core-processenvironment-l1-1-0

ExpandEnvironmentStringsW

api-ms-win-eventing-controller-l1-1-0

StartTraceW
ControlTraceW

api-ms-win-eventing-legacy-l1-1-0

EnableTrace

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-processthreads-l1-1-0

GetCurrentThreadId
TerminateProcess
GetCurrentProcessId
GetCurrentProcess

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

netsh.exe

MatchTagsInCmdLine
RegisterHelper
PrintMessageFromModule
MatchEnumTag
RegisterContext

wwapi

WwanDeleteDMConfigProfile
WwanEnumerateInterfaces
WwanSetProfile
WwanGetProfile
WwanGetProfileList
WwanRegisterNotification
WwanDeleteProfile
WwanDisconnect
WwanAllocateMemory
WwanQueryInterface
WwanScan
WwanCloseHandle
WwanSetInterface
WwanOpenHandle
WwanConnect
WwanSetDMConfigProfile
WwanFreeMemory
WwanGetDMConfigProfile
WwanGetProfileState
WwanConnectAdditionalPdpContext
WwanGetProfileListByPurpose
WwanGetDMConfigProfileList

wcmapi

WcmCloseHandle
WcmSetParameter
WcmQueryProperty
WcmFreeMemory
WcmOpenHandle

api-ms-win-core-heap-l2-1-0

LocalFree

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

api-ms-win-core-string-obsolete-l1-1-0

lstrcmpW

api-ms-win-core-heap-l1-1-0

GetProcessHeap
HeapFree
HeapAlloc

Exports

Exports

GetResourceString
InitHelperDll

Sections

.text
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 440B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: github

Password: github

9b0781a524349d13dab24794562a9f4f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ole32

oleaut32

comdlg32

wininet

version

shlwapi

winmm

imm32

Exports

Exports

Sections

.text Size: 4.3MB - Virtual size: 4.3MB

.rdata Size: 37.7MB - Virtual size: 37.7MB

.data Size: 117KB - Virtual size: 218KB

.pdata Size: 171KB - Virtual size: 171KB

_RDATA Size: 512B - Virtual size: 244B

.rsrc Size: 1024B - Virtual size: 736B

.reloc Size: 81KB - Virtual size: 81KB

Password: github

694bbdd01d5262771f27e7c775c63322

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdiplus

winmm

comdlg32

shell32

ole32

gdi32

user32

oleaut32

wininet

shlwapi

imm32

Exports

Exports

Sections

.text Size: 3.2MB - Virtual size: 3.2MB

.rdata Size: 706KB - Virtual size: 705KB

.data Size: 63KB - Virtual size: 86KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 143KB - Virtual size: 142KB

Password: github

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

#.47i( Size: 300KB - Virtual size: 299KB

.text Size: 38KB - Virtual size: 37KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

Size: 512B - Virtual size: 16B

Password: github

68a52d7dd14ee2effbb73575ae8a0035

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

.text
Size: 4.3MB - Virtual size: 4.3MB

.rdata
Size: 37.7MB - Virtual size: 37.7MB

.data
Size: 117KB - Virtual size: 218KB

.pdata
Size: 171KB - Virtual size: 171KB

_RDATA
Size: 512B - Virtual size: 244B

.rsrc
Size: 1024B - Virtual size: 736B

.reloc
Size: 81KB - Virtual size: 81KB

.text
Size: 3.2MB - Virtual size: 3.2MB

.rdata
Size: 706KB - Virtual size: 705KB

.data
Size: 63KB - Virtual size: 86KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 143KB - Virtual size: 142KB

#.47i(
Size: 300KB - Virtual size: 299KB

.text
Size: 38KB - Virtual size: 37KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 3.7MB - Virtual size: 3.7MB

.rdata
Size: 984KB - Virtual size: 983KB

.data
Size: 46KB - Virtual size: 74KB

.pdata
Size: 158KB - Virtual size: 158KB

_RDATA
Size: 512B - Virtual size: 252B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 37KB - Virtual size: 37KB

.text
Size: 191KB - Virtual size: 190KB

.rdata
Size: 65KB - Virtual size: 64KB

.data
Size: 4KB - Virtual size: 18KB

.pdata
Size: 7KB - Virtual size: 6KB

.didat
Size: 512B - Virtual size: 120B

.rsrc
Size: 4KB - Virtual size: 4KB