743daddcb5cbb46772d2cd71f9484d86f022b091056941fa4b83e11dd248229b

Sharing

Copy URL Twitter E-mail

General

Target

743daddcb5cbb46772d2cd71f9484d86f022b091056941fa4b83e11dd248229b
Size

11.9MB
MD5

d1132c56224ec1bd519192083b8db7d2
SHA1

f5b0900d267ac7944dc88df40a434ce70713eb37
SHA256

743daddcb5cbb46772d2cd71f9484d86f022b091056941fa4b83e11dd248229b
SHA512

585bd761f3e65e64488199ef4e6f84f0ea177b754dd3dab1ed184dcf8545798ae2066d66c47d6fa44aca01e635cf657da6228dba2b5c848590888621877976fe
SSDEEP

196608:cV+nzMaZRy4f7i0D7RMUWr9NO2Jy6O2HHXNM0uo8PZeogTmdUBIMnzLo3:9ngky4fpDFMU+/JxOWXaj+og5WMnzLo3

Score

3^/10

Malware Config

Signatures

Unsigned PE 13 IoCs

Checks for missing Authenticode signature.

resource
unpack001//VC98linker/Bin/CVTRES.EXE
unpack001//VC98linker/Bin/DUMPBIN.EXE
unpack001//VC98linker/Bin/EDITBIN.EXE
unpack001//VC98linker/Bin/LIB.EXE
unpack001//VC98linker/Bin/LINK.EXE
unpack001//VC98linker/Bin/MSPDB60.DLL
unpack001//VC98linker/Bin/REBASE.EXE
unpack001//VC98linker/Lib/MSCOMSTF.DLL
unpack001//VC98linker/Lib/MSDETSTF.DLL
unpack001//VC98linker/Lib/MSINSSTF.DLL
unpack001//VC98linker/Lib/MSSHLSTF.DLL
unpack001//VC98linker/Lib/MSUILSTF.DLL
unpack001//e.exe

Files

743daddcb5cbb46772d2cd71f9484d86f022b091056941fa4b83e11dd248229b
.zip
/VC98linker/Bin/CVTRES.EXE
.exe windows:5 windows x86 arch:x86

30333ef5a2dd21199d66d4427807be6f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

time
_tzset
fclose
_fsopen
_makepath
_splitpath
_strnicmp
_stricmp
calloc
free
fread
ftell
fseek
fwrite
vprintf
wcscmp
fprintf
puts
printf
strncpy
sprintf
_exit
_XcptFilter
__p___initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
exit
__p__iob
_chsize

kernel32

LoadLibraryA
GetProcAddress

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
/VC98linker/Bin/DUMPBIN.EXE
.exe windows:4 windows x86 arch:x86

902dded724686f82a71d82ffbdff7c62

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__getmainargs
_spawnvp
_spawnv
exit
printf
malloc
_makepath
_splitpath
__p__pgmptr
_exit
_XcptFilter
__p___initenv
free
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 60B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
/VC98linker/Bin/EDITBIN.EXE
.exe windows:4 windows x86 arch:x86

902dded724686f82a71d82ffbdff7c62

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__getmainargs
_spawnvp
_spawnv
exit
printf
malloc
_makepath
_splitpath
__p__pgmptr
_exit
_XcptFilter
__p___initenv
free
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 60B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
/VC98linker/Bin/LIB.EXE
.exe windows:4 windows x86 arch:x86

902dded724686f82a71d82ffbdff7c62

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__getmainargs
_spawnvp
_spawnv
exit
printf
malloc
_makepath
_splitpath
__p__pgmptr
_exit
_XcptFilter
__p___initenv
free
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 60B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
/VC98linker/Bin/LINK.EXE
.exe windows:4 windows x86 arch:x86

a4b534403cf4df6c9175820e7b606e96

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mspdb60

?OpenValidate3@PDB@@SAHPBD0PAJQAD2PAK3PAPAU1@@Z
TruncStFromSz
SigForPbCb

msvcrt

_spawnvp
_makepath
__p__pgmptr
remove
__unDName
malloc
strncmp
longjmp
_fcloseall
putc
vprintf
fread
fseek
ftell
getc
rewind
fwrite
_tempnam
_spawnv
_fsopen
_setjmp3
_seh_longjmp_unwind
getenv
_fullpath
_getcwd
_stricmp
_ismbcspace
fgets
_mbstok
_ultoa
_mbsrchr
_tzset
??2@YAPAXI@Z
strrchr
__CxxFrameHandler
_mbclen
toupper
time
fclose
_mbsicmp
_mbschr
fprintf
isprint
fputc
exit
puts
ctime
fputs
realloc
strtok
_strdup
strcspn
_mbscmp
_mbsnbcmp
_utime
_osver
atoi
rename
_mktemp
strstr
_filelength
_mbsnbcpy
_mbsdec
_searchenv
_mbsnbicmp
_mbsncmp
_mbspbrk
__dllonexit
_onexit
_exit
_XcptFilter
__p___initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
qsort
_purecall
??3@YAXPAX@Z
_except_handler3
_iob
setlocale
isdigit
memmove
_splitpath
_strupr
_strnicmp
setvbuf
printf
fflush
_itoa
sprintf
sscanf
strchr
_write
_lseek
_read
_tell
_close
_sopen
__doserrno
_stat
_access
_unlink
free
_chsize
strncpy
calloc
isalnum
strncat
bsearch

kernel32

FreeLibrary
RaiseException
LocalAlloc
FindClose
FindFirstFileA
GetDiskFreeSpaceA
VirtualAlloc
GetSystemInfo
GlobalMemoryStatus
SetEnvironmentVariableA
GetCommandLineA
GetCurrentProcess
GetVersion
GetTickCount
CopyFileA
GetTempPathA
GetTempFileNameA
LoadLibraryA
VirtualFree
SetErrorMode
SetConsoleCtrlHandler
Sleep
DeleteFileA
ExitProcess
CreateFileMappingA
MapViewOfFileEx
UnmapViewOfFile
SetFilePointer
SetEndOfFile
CloseHandle
CreateFileA
GetLastError
GetFileSize
GetModuleHandleA
GetProcAddress
FindNextFileA
InterlockedExchange

Sections

.text
Size: 416KB - Virtual size: 415KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 182KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
/VC98linker/Bin/MSPDB60.DLL
.dll windows:4 windows x86 arch:x86

cbe32dbbd3f0ce2c68744ad838770335

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_sopen
_open_osfhandle
_read
_osver
_lseek
_errno
_write
_chsize
memmove
_close
vfprintf
_mbsstr
_utime
sscanf
_ismbblead
strncmp
fwrite
_except_handler3
_snprintf
fprintf
_setmbcp
_getmbcp
setlocale
malloc
free
__unDName
strstr
_ultoa
toupper
strtoul
isdigit
isxdigit
strrchr
__dllonexit
_onexit
_initterm
_adjust_fdiv
_purecall
printf
_iob
time
getenv
_fsopen
fclose
fread
fseek
_mbschr
_mbsnbcpy
strchr
_mbscmp
_memicmp
bsearch
_strnicmp
sprintf
_access
_mbsrchr
_fullpath
_splitpath
_makepath
_mbsicmp
qsort
strncpy
fflush
fopen
_mbctolower
_mbctype
_stricmp

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

kernel32

GetFileInformationByHandle
FindClose
GetProcAddress
FreeLibrary
GetModuleHandleA
SetFilePointer
ReadFile
GetSystemTime
SystemTimeToFileTime
GetSystemInfo
GetCurrentThread
SetThreadPriority
CreateFileA
CreateFileMappingA
CloseHandle
CopyFileA
SearchPathA
VirtualAlloc
VirtualFree
HeapDestroy
HeapCreate
HeapAlloc
HeapFree
FindFirstFileA

Exports

Exports

??0SymTiIter@@QAE@PAUSYMTYPE@@@Z
??0TypeTiIter@@QAE@PAUTYPTYPE@@@Z
?ExportValidateInterface@PDB@@SAHK@Z
?FOpen@MREngine@@SGHPAPAU1@PAUMreToPdb@@HH@Z
?FOpen@MREngine@@SGHPAPAU1@PAUPDB@@PAUNameMap@@HH@Z
?FOpen@MREngine@@SGHPAPAU1@PBDAAJQADHH@Z
?Open@PDB@@SAHPAD0KPAJQADPAPAU1@@Z
?OpenEx@PDB@@SAHPAD0KJPAJQADPAPAU1@@Z
?OpenValidate2@PDB@@SAHPAD00KKJPAJQADPAPAU1@@Z
?OpenValidate3@PDB@@SAHPBD0PAJQAD2PAK3PAPAU1@@Z
?OpenValidate@PDB@@SAHPAD00KKPAJQADPAPAU1@@Z
?OpenValidateEx2@PDB@@SAHPAD000KKJPAJQADPAPAU1@@Z
?OpenValidateEx@PDB@@SAHPAD000KKPAJQADPAPAU1@@Z
?fCreate@WidenTi@@SAHAAPAU1@IH@Z
?fGetSymName@@YAHPAUSYMTYPE@@PAPAD@Z
?fGetSymRecTypName@@YAHPAUSYMTYPE@@PAPAD@Z
?next@TypeTiIter@@QAEHXZ
?open@Bsc@@SAHPADPAPAU1@@Z
?open@Bsc@@SAHPAUPDB@@PAPAU1@@Z
?open@ILStore@@SAHPAUPDB@@HPAPAU1@@Z
?open@NameMap@@SAHPAUPDB@@HPAPAU1@@Z
?open@StreamImage@@SAHPAUStream@@JPAPAU1@@Z
DBIAddLinkInfo
DBIAddPublic
DBIAddSec
DBIAddThunkMap
DBIClose
DBIDeleteMod
DBIDumpMods
DBIDumpSecContribs
DBIDumpSecMap
DBIFindTypeServers
DBIGetEnumContrib
DBIOpenDbg
DBIOpenGlobals
DBIOpenMod
DBIOpenPublics
DBIQueryDbgTypes
DBIQueryFileInfo
DBIQueryImplementationVersion
DBIQueryInterfaceVersion
DBIQueryItsmForTi
DBIQueryLazyTypes
DBIQueryLinkInfo
DBIQueryModFromAddr
DBIQueryNextItsm
DBIQueryNextMod
DBIQuerySecMap
DBIQuerySupportsEC
DBIQueryTypeServer
DbgAppend
DbgClear
DbgClose
DbgFind
DbgQueryNext
DbgQuerySize
DbgReplaceNext
DbgReset
DbgSkip
EnumContribGet
EnumContribGetCrcs
EnumContribNext
EnumContribRelease
EnumContribReset
GSIClose
GSIHashSym
GSINearestSym
GSINextSym
ILModGetIL
ILModGetILVer
ILModPutIL
ILModRelease
ILModReset
ILStoreGetILMod
ILStoreGetILSType
ILStoreGetILSpace
ILStoreOpen
ILStoreRelease
ILStoreReset
MSFClose
MSFGetCbPage
MSFGetCbStream
MSFOpen
MSFOpenEx
MSFReadStream
ModAddLines
ModAddPublic
ModAddSecContrib
ModAddSymbols
ModAddTypes
ModClose
ModGetPvClient
ModQueryCBFile
ModQueryCBName
ModQueryDBI
ModQueryFile
ModQueryImod
ModQueryImplementationVersion
ModQueryInterfaceVersion
ModQueryLines
ModQueryName
ModQuerySecContrib
ModQuerySrcFile
ModQuerySupportsEC
ModQuerySymbols
ModQueryTpi
ModSetPvClient
PDBClose
PDBCommit
PDBCopyTo
PDBCreateDBI
PDBExportValidateInterface
PDBOpen
PDBOpenDBI
PDBOpenDBIEx
PDBOpenEx
PDBOpenStream
PDBOpenTpi
PDBOpenValidate
PDBOpenValidate2
PDBOpenValidate3
PDBOpenValidateEx
PDBOpenValidateEx2
PDBQueryAge
PDBQueryImplementationVersion
PDBQueryInterfaceVersion
PDBQueryLastError
PDBQueryPDBName
PDBQuerySignature
SigForPbCb
StreamAppend
StreamDelete
StreamImageBase
StreamImageNoteRead
StreamImageNoteWrite
StreamImageOpen
StreamImageRelease
StreamImageSize
StreamImageWriteBack
StreamQueryCb
StreamRead
StreamRelease
StreamReplace
StreamTruncate
StreamWrite
TruncStFromSz
TypesAreTypesEqual
TypesClose
TypesCommit
TypesIsTypeServed
TypesQueryCVRecordForTiEx
TypesQueryCb
TypesQueryImplementationVersion
TypesQueryInterfaceVersion
TypesQueryPbCVRecordForTiEx
TypesQueryTiForCVRecordEx
TypesQueryTiForUDTEx
TypesQueryTiMacEx
TypesQueryTiMinEx
TypesSupportQueryTiForUDT
TypesfIs16bitTypePool
_MREBagFAddDep@20
_MREBagFClose@4
_MRECmpClassIsBoring@8
_MRECmpFCloseCompiland@12
_MRECmpFOpenCompiland@16
_MRECmpFPushFile@16
_MRECmpPmrefilePopFile@4
_MREDrvFFilesOutOfDate@8
_MREDrvFRefreshFileSysInfo@4
_MREDrvFRelease@4
_MREDrvFSuccessfulCompile@16
_MREDrvFUpdateTargetFile@12
_MREDrvOneTimeInit@4
_MREDrvYnmFileOutOfDate@8
_MREFClose@8
_MREFDelete@4
_MREFOpen@16
_MREFOpenByName@24
_MREFOpenEx@12
_MREFileFOpenBag@12
_MREQueryMreCmp@12
_MREQueryMreDrv@8
_MREQueryMreUtil@8

Sections

.text
Size: 156KB - Virtual size: 153KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
/VC98linker/Bin/REBASE.EXE
.exe windows:5 windows x86 arch:x86

45043dab895dfd895564d204d052c3f5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

imagehlp

ReBaseImage
FindDebugInfoFile
SplitSymbols
RemoveRelocations

kernel32

SearchPathA
ExitProcess
GetFullPathNameA
CloseHandle
GetLastError
GetCommandLineA
GetVersion
HeapAlloc
GetTimeZoneInformation
TerminateProcess
GetCurrentProcess
GetSystemTime
GetLocalTime
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
GetCPInfo
GetACP
GetOEMCP
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
WriteFile
HeapFree
VirtualAlloc
LCMapStringA
LCMapStringW
SetFilePointer
FindNextFileA
FindFirstFileA
FindClose
GetProcAddress
LoadLibraryA
SetStdHandle
FlushFileBuffers
CreateFileA
GetStringTypeA
GetStringTypeW
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetEndOfFile
ReadFile
HeapReAlloc

user32

CharPrevA

Sections

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
/VC98linker/Bin/__cmd__.exe.lnk
.lnk
/VC98linker/Lib/ACLCLS.LIB
/VC98linker/Lib/ACTIVEDS.LIB
/VC98linker/Lib/ADDRLKUP.LIB
/VC98linker/Lib/ADME.LIB
/VC98linker/Lib/ADOID.LIB
/VC98linker/Lib/ADPTIF.LIB
/VC98linker/Lib/ADSIID.LIB
/VC98linker/Lib/ADVAPI32.LIB
/VC98linker/Lib/AFTPAPI.LIB
/VC98linker/Lib/AMSTRMID.LIB
/VC98linker/Lib/ATL.LIB
/VC98linker/Lib/ATLDLOAD.LIB
/VC98linker/Lib/BDNAPI.LIB
/VC98linker/Lib/BHMON.LIB
/VC98linker/Lib/BHSUPP.LIB
/VC98linker/Lib/BINMODE.OBJ
/VC98linker/Lib/CAP.LIB
/VC98linker/Lib/CERTADM.TLB
/VC98linker/Lib/CERTCLI.TLB
/VC98linker/Lib/CERTENC.TLB
/VC98linker/Lib/CERTEXIT.TLB
/VC98linker/Lib/CERTIDL.LIB
/VC98linker/Lib/CERTIF.TLB
/VC98linker/Lib/CERTPOL.TLB
/VC98linker/Lib/CHKSTK.OBJ
/VC98linker/Lib/CIUUID.LIB
/VC98linker/Lib/CLUADMEX.LIB
/VC98linker/Lib/CLUSAPI.LIB
/VC98linker/Lib/COMCTL32.LIB
/VC98linker/Lib/COMDLG32.LIB
/VC98linker/Lib/COMMODE.OBJ
/VC98linker/Lib/COMPMGR.LIB
/VC98linker/Lib/COMSUPP.LIB
/VC98linker/Lib/CRYPT32.LIB
/VC98linker/Lib/CTL3D32.LIB
/VC98linker/Lib/CTL3D32S.LIB
/VC98linker/Lib/CTLFWD32.LIB
/VC98linker/Lib/CTLFWR32.LIB
/VC98linker/Lib/D3DRM.LIB
/VC98linker/Lib/DACDLL.LIB
/VC98linker/Lib/DAGUID.LIB
/VC98linker/Lib/DANIM.LIB
/VC98linker/Lib/DAOUUID.LIB
/VC98linker/Lib/DAPI.LIB
/VC98linker/Lib/DBCS.LIB
/VC98linker/Lib/DBSETS.LIB
/VC98linker/Lib/DDAO35.LIB
/VC98linker/Lib/DDAO35U.LIB
/VC98linker/Lib/DDRAW.LIB
/VC98linker/Lib/DELAYIMP.LIB
/VC98linker/Lib/DFLAYOUT.LIB
/VC98linker/Lib/DINPUT.LIB
/VC98linker/Lib/DLCAPI.LIB
/VC98linker/Lib/DMAPIW32.LIB
/VC98linker/Lib/DPLAY.LIB
/VC98linker/Lib/DPLAYX.LIB
/VC98linker/Lib/DSCERT.LIB
/VC98linker/Lib/DSETUP.LIB
/VC98linker/Lib/DSOUND.LIB
/VC98linker/Lib/DTCCFG.LIB
/VC98linker/Lib/DTCCM.LIB
/VC98linker/Lib/DTCHELP.LIB
/VC98linker/Lib/DTCTRACE.LIB
/VC98linker/Lib/DTCUIC.LIB
/VC98linker/Lib/DTCUIS.LIB
/VC98linker/Lib/DTCUTIL.LIB
/VC98linker/Lib/DXGUID.LIB
/VC98linker/Lib/DXMRTPID.LIB
/VC98linker/Lib/EDBBCLI.LIB
/VC98linker/Lib/EDKCFG.LIB
/VC98linker/Lib/EDKDEBUG.LIB
/VC98linker/Lib/EDKEVENT.LIB
/VC98linker/Lib/EDKGUID.LIB
/VC98linker/Lib/EDKMAPI.LIB
/VC98linker/Lib/EDKMSG.LIB
/VC98linker/Lib/EDKSETUP.LIB
/VC98linker/Lib/EDKTRACK.LIB
/VC98linker/Lib/EDKUTILS.LIB
/VC98linker/Lib/EXADMIN.LIB
/VC98linker/Lib/EXCHINST.LIB
/VC98linker/Lib/EXCHSDK.LIB
/VC98linker/Lib/FASTFILE.LIB
/VC98linker/Lib/FDI.LIB
/VC98linker/Lib/FILTER.LIB
/VC98linker/Lib/FMISTR32.LIB
/VC98linker/Lib/FP10.OBJ
/VC98linker/Lib/FRIENDLY.LIB
/VC98linker/Lib/GDI32.LIB
/VC98linker/Lib/GLAUX.LIB
/VC98linker/Lib/GLU32.LIB
/VC98linker/Lib/GTRTST32.LIB
/VC98linker/Lib/GUIDS.LIB
/VC98linker/Lib/GWMAIN.LIB
/VC98linker/Lib/GWPERF.LIB
/VC98linker/Lib/GWREPORT.LIB
/VC98linker/Lib/HEXEDIT.LIB
/VC98linker/Lib/HLINK.LIB
/VC98linker/Lib/ICMUI.LIB
/VC98linker/Lib/IHVLINK.LIB
/VC98linker/Lib/IMAGEHLP.LIB
/VC98linker/Lib/IMM32.LIB
/VC98linker/Lib/JAVADBG.LIB
/VC98linker/Lib/KERNEL32.LIB
/VC98linker/Lib/KSGUID.LIB
/VC98linker/Lib/LARGEINT.LIB
/VC98linker/Lib/LIBC.LIB
/VC98linker/Lib/LIBCI.LIB
/VC98linker/Lib/LIBCIMT.LIB
/VC98linker/Lib/LIBCMT.LIB
/VC98linker/Lib/LIBCP.LIB
/VC98linker/Lib/LIBCPMT.LIB
/VC98linker/Lib/LOADPERF.LIB
/VC98linker/Lib/LOGMGR.LIB
/VC98linker/Lib/LSAPI32.LIB
/VC98linker/Lib/LZ32.LIB
/VC98linker/Lib/MAPI.LIB
/VC98linker/Lib/MAPI32.LIB
/VC98linker/Lib/MBLOGON.LIB
/VC98linker/Lib/MEASURE.LIB
/VC98linker/Lib/MESGXLAT.LIB
/VC98linker/Lib/MFCAPWZ.LIB
/VC98linker/Lib/MFCCLWZ.LIB
/VC98linker/Lib/MFCDLOAD.LIB
/VC98linker/Lib/MFCUIA32.LIB
/VC98linker/Lib/MGMTAPI.LIB
/VC98linker/Lib/MMC.LIB
/VC98linker/Lib/MONITOR.LIB
/VC98linker/Lib/MPR.LIB
/VC98linker/Lib/MPRAPI.LIB
/VC98linker/Lib/MQOA.LIB
/VC98linker/Lib/MQRT.LIB
/VC98linker/Lib/MSACM32.LIB
/VC98linker/Lib/MSCMS.LIB
/VC98linker/Lib/MSCOMSTF.DLL
.dll windows:1 windows x86 arch:x86

5ea1f0ae6aac6eb9bf3664a3e6027027

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msdetstf

CbGetDateOfFile
FGetFileVersion
LcbGetSizeOfFile

msinsstf

NLangFromFile

msshlstf

HwndFrame
HinstFrame

crtdll

strchr
_initterm
fclose
_access
_stat
_mktemp
_findnext
free
malloc
realloc
_findfirst
_pctype_dll
_isctype
__mb_cur_max_dll
atol
atoi
_ltoa
_itoa
_strtime
_strdate
fopen
rename

kernel32

lstrcpyA
lstrcmpiA
GetFullPathNameA
WritePrivateProfileStringA
WritePrivateProfileSectionA
GetFileAttributesA
SetFileAttributesA
DeleteFileA
lstrlenA
SetErrorMode
OpenFile
_lclose
_lread
_lwrite
SetFilePointer
GetLastError
GlobalCompact
GetVersion
lstrcatA
lstrcpynA
GetVolumeInformationA
lstrcmpA
GetPrivateProfileStringA
GlobalLock
GlobalAlloc
CreateDirectoryA
RemoveDirectoryA
GlobalFree
GetCurrentDirectoryA
SetCurrentDirectoryA

user32

CharPrevA
wsprintfA
MessageBeep
CharUpperA
OemToCharA
CharNextA
IsCharAlphaA
IsCharAlphaNumericA
LoadStringA
UpdateWindow
SetFocus
GetFocus
MessageBoxA
GetParent
GetWindowLongA
CharToOemA

Exports

Exports

AddSrcFileWithAttribsToCopyList
AssertSzUs
BadParamUs
CbGetAllocOpsCur
CbGetAllocOpsForceFailure
CbGetInfSectionKeyField
CbGetListItem
CbGetSymbolValue
CbReadFile
CbSetAllocOpsCur
CbSetAllocOpsForceFailure
CbStrCopyToBuffer
CbWriteFile
CchlValidSubPath
CrcStringCompare
CrcStringCompareI
DOSAccess
DOSChDir
DOSChMod
DOSClose
DOSFindFirst
DOSFindNext
DOSFopen
DOSFullPath
DOSGetcwd
DOSMkDir
DOSMkTemp
DOSRemove
DOSRename
DOSRmDir
DOSStat
DataSegMsgBox
DoMsgBox
EercErrorHandler
EercOpenFile
ExtMessageBox
FAddDirToUninstallList
FAddEnvToUninstallList
FAddFileToUninstallList
FAddListItem
FAddNewSzsInPoerToFreeTable
FAddProgManGroupToUninstallList
FAddProgManItemToUninstallList
FAddRegToUninstallList
FAddSectionFilesToCopyList
FAddSectionKeyFileToCopyList
FAddSpecialFileToCopyList
FAddSymbolValueToSymTab
FAddSzToFreeTable
FCanCreateFile
FChmodFile
FCloseFile
FCloseFileForReopen
FCloseLogFile
FEndOfFile
FFSType
FFileExist
FFindFirstInfSection
FFindFirstLineFromInfSection
FFindInfSection
FFindLineFromInfSectionKey
FFindNextInfSection
FFindNextLineFromInf
FFindNthLineFromInfSection
FFreeCopyList
FFreeFreeTable
FFreeInf
FFreePcln
FFreePidb
FFreePoer
FFreePsdle
FFreePsfd
FFreePste
FFreePstf
FFreeRgsz
FFreeSrcDescrList
FFreeSymTab
FGetBeepingMode
FGetFirstUninstallDir
FGetFirstUninstallEnv
FGetFirstUninstallFile
FGetFirstUninstallProgManGroup
FGetFirstUninstallProgManItem
FGetFirstUninstallReg
FGetNextUninstallDir
FGetNextUninstallEnv
FGetNextUninstallFile
FGetNextUninstallProgManGroup
FGetNextUninstallProgManItem
FGetNextUninstallReg
FGetSilent
FHandleOOM
FHasInfBeenOpened
FInitFreeTable
FInitSymTab
FKeyInInfLine
FListValue
FMakeListInfSectionField
FMakePathFromDirAndSubPath
FMakePathFromPieces
FOpenInf
FOpenLogFile
FParsePathIntoPieces
FParseVersion
FPrintPcln
FPrintPoer
FPrintPsfd
FReadUninstallData
FRemoveFile
FRemoveSymbol
FRenameFile
FReopenFile
FReplaceListItem
FSaveCurrentInfLine
FSetBeepingMode
FSetCurrentInfLine
FSetPoerToEmpty
FSetSilent
FSetSymbolToListOfInfKeys
FStoreUninstallData
FValidCopyList
FValidDir
FValidFATPathChar
FValidOerDate
FValidPath
FValidPcln
FValidPoer
FValidPsfd
FWriteLogLine
FWriteSzToFile
FWriteToLogFile
FWriteToLogFileNoNewLine
FreeMemInf
GrcAddCurLineToCList
GrcAddPsfdToCList
GrcAddSectionFilesToCList
GrcAddSectionFilesToCopyList
GrcAddSectionKeyFileToCopyList
GrcAddSymbolFromInfLineToSymTab
GrcAddSymsFromInfSection
GrcFillPoerFromSymTab
GrcGetSectionFileLine
GrcOpenInf
GrcValidPinf
LfaSeekFile
PbSaveMemInf
PclnAlloc
PidbAlloc
PoerAlloc
PpclnHeadList
PppclnTailList
PpsteFindSymbol
PreCondSzUs
PsdleAlloc
PsdleFromDid
PsfdAlloc
PsteAlloc
PstfAlloc
RTChkArgSzUs
RestoreMemInf
RgszFromSzListValue
SzDupl
SzFindSymbolValueInSymTab
SzGetSectionFromInfLine
SzGetSubstitutedValue
SzLastChar
SzListValueFromRgsz
SzProcessSz
SzProcessSzForSyms
UsGetListLength
UsHashFunction
charDOSFuncSZ
intDOSFunc
intDOSFuncW
unsDOSFuncPW

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

ERROR1B_
Size: 512B - Virtual size: 288B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INF18B_T
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

LIST1B_T
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 20B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.CRT
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
/VC98linker/Lib/MSCOMSTF.LIB
/VC98linker/Lib/MSCONF.LIB
/VC98linker/Lib/MSDASC.LIB
/VC98linker/Lib/MSDETSTF.DLL
.dll windows:1 windows x86 arch:x86

d9025ec248e9f762492e2516b42c7e87

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscomstf

LfaSeekFile
FHandleOOM
CbStrCopyToBuffer
FParseVersion
DOSAccess
FMakePathFromDirAndSubPath
DOSStat
CbReadFile
CrcStringCompareI
FCloseFile
EercOpenFile
FAddSymbolValueToSymTab
FValidPath
FFileExist
SzLastChar

advapi32

RegQueryValueExA
RegOpenKeyExA
RegEnumValueA
RegCloseKey

crtdll

_initterm
_strdup
_strrev
atol
_chdrive
_ltoa
malloc
free
_getdrive
_stat
localtime

kernel32

GetDiskFreeSpaceA
lstrcatA
FreeLibrary
GetEnvironmentVariableA
GetSystemInfo
GlobalAlloc
GlobalFree
GetProfileStringA
GetPrivateProfileStringA
lstrcmpiA
lstrlenA
GetDriveTypeA
GetLastError
SetErrorMode
lstrcpyA
GetVersion
GetWindowsDirectoryA
GetSystemDirectoryA
FindClose
GetProcAddress
OpenFile
FindFirstFileA
FindNextFileA
LoadLibraryA

user32

IsCharAlphaA
CharUpperBuffA
GetSystemMetrics
CharNextA
wsprintfA
OemToCharA
IsCharAlphaNumericA

gdi32

CreateICA
GetDeviceCaps
DeleteDC

Exports

Exports

CbFindFileInTree
CbFindTargetOnEnvVar
CbGetDateOfFile
CbGetEnvVariableValue
CbGetIniKeyString
CbGetVersionOfFile
FDirExists
FDoesFileExist
FDoesIniKeyExist
FDoesIniSectionExist
FGetFileVersion
FGetLocalHardDrivesList
FGetNetworkDrivesList
FGetParallelPortsList
FGetProcessorType
FGetRemovableDrivesList
FGetSerialPortsList
FGetValidDrivesList
FHas87MathChip
FHasMonochromeDisplay
FHasMouseInstalled
FIsDriverInConfig
FIsLocalHardDrive
FIsRemoteDrive
FIsRemoveDrive
FIsValidDrive
GetExistingFOTFileForTTF
GetFreeSpaceDrive
GetTotalSpaceDrive
GetTypeFaceNameFromTTF
GetWindowsDir
GetWindowsSysDir
GetWindowsVersion
LGetVersionNthField
LcbFreeDrive
LcbGetSizeOfFile
LcbTotalDrive

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 8B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.CRT
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 758B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
/VC98linker/Lib/MSDETSTF.LIB
/VC98linker/Lib/MSDTCPRX.LIB
/VC98linker/Lib/MSDTCTM.LIB
/VC98linker/Lib/MSGEMIT.LIB
/VC98linker/Lib/MSI.LIB
/VC98linker/Lib/MSIMG32.LIB
/VC98linker/Lib/MSINSSTF.DLL
.dll windows:1 windows x86 arch:x86

376cff9edcd513cdc64e839caeddf6aa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscomstf

FChmodFile
FValidDir
FCloseFileForReopen
SzLastChar
FGetBeepingMode
GrcFillPoerFromSymTab
DOSMkDir
FAddFileToUninstallList
CbReadFile
CbWriteFile
LfaSeekFile
DOSStat
DoMsgBox
ExtMessageBox
FRenameFile
FFileExist
FAddEnvToUninstallList
FGetNextUninstallProgManGroup
EercErrorHandler
FGetFirstUninstallProgManGroup
FGetNextUninstallEnv
FGetFirstUninstallEnv
FGetNextUninstallDir
FAddDirToUninstallList
GrcGetSectionFileLine
FSaveCurrentInfLine
FFindLineFromInfSectionKey
FAddProgManItemToUninstallList
FSetCurrentInfLine
FFreePsfd
DOSAccess
FAddProgManGroupToUninstallList
FCanCreateFile
DOSMkTemp
DOSGetcwd
DOSChDir
DOSRmDir
FReopenFile
SzListValueFromRgsz
FGetFirstUninstallDir
FGetFirstUninstallFile
FPrintPcln
RgszFromSzListValue
FReadUninstallData
FFreeRgsz
FAddSymbolValueToSymTab
FWriteSzToFile
SzFindSymbolValueInSymTab
FGetNextUninstallFile
FInitFreeTable
FRemoveFile
PsdleFromDid
PpclnHeadList
FWriteLogLine
FMakePathFromDirAndSubPath
FFreeCopyList
FFreePcln
CrcStringCompareI
FValidPath
EercOpenFile
FGetSilent
PppclnTailList
FHandleOOM
SzDupl
FCloseFile

msuilstf

FDoDialog
HdlgStackTop
ReactivateSetupScript
FKillNDialogs2
FDoDialog2
FKillNDialogs

msshlstf

HSetup

msdetstf

FGetFileVersion
GetExistingFOTFileForTTF
FDoesIniKeyExist
FDirExists

lz32

LZDone
LZCopy
LZOpenFileA
LZClose

crtdll

_strrev
realloc
_strnicmp
_chmod
atoi
free
_isctype
__mb_cur_max_dll
_pctype_dll
_initterm
_strdup
_itoa
_getdrive
_chdrive
_ltoa
_memccpy
strncmp
_open_osfhandle
_fstat
_memicmp
malloc
strchr
_chsize
atol

kernel32

FileTimeToDosDateTime
DeleteFileA
_llseek
GetPrivateProfileStringA
WriteProfileStringA
GetProfileStringA
FindNextFileA
GetCurrentProcess
RemoveDirectoryA
GetLastError
MoveFileExA
MoveFileA
GetDriveTypeA
FindFirstFileA
GetVersion
GetTempFileNameA
CreateFileA
FindClose
SetFileTime
lstrcatA
CloseHandle
lstrlenA
OpenFile
lstrcpyA
GetTickCount
BeginUpdateResourceA
UpdateResourceA
EndUpdateResourceA
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GlobalAddAtomA
WinExec
GlobalDeleteAtom
GetDiskFreeSpaceA
GetProcAddress
FreeLibrary
WritePrivateProfileStringA
GetFileAttributesA
LoadLibraryA
_lclose
GetWindowsDirectoryA
GetFileTime
SetErrorMode

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegDeleteValueA

user32

CharNextA
IsDialogMessageA
DispatchMessageA
TranslateMessage
PeekMessageA
CharUpperBuffA
MessageBeep
CharUpperA
ExitWindowsEx
CharLowerA
CharToOemA
WinHelpA
PostMessageA
FreeDDElParam
UnpackDDElParam
DefWindowProcA
CreateWindowExA
RegisterClassA
GetClassInfoA
GetDC
PackDDElParam
CharPrevA
UpdateWindow
BringWindowToTop
DestroyWindow
LoadCursorA
SetDlgItemTextA
SetWindowPos
MapDialogRect
GetClientRect
GetWindowRect
InvalidateRect
SetWindowWord
EndPaint
GetWindowWord
InflateRect
FrameRect
BeginPaint
SendDlgItemMessageA
EnableWindow
SetWindowTextA
GetSysColor
GetWindowTextA
LoadStringA
wsprintfA
ShowWindow
GetWindowLongA
ReleaseDC
GetMessageA
SendMessageA
OemToCharA

gdi32

GetStockObject
SetTextColor
GetTextExtentPointA
SetBkColor
GetDeviceCaps
ExtTextOutA
SelectObject

Exports

Exports

BuildCompressFileName
DateFromSz
DdeSendConnect
DoesAnyFileNeedCopying
FActivateProgMan
FAddToBillboardList
FAddToRestartFile
FBuildFullBakPath
FBuildFullDstPath
FBuildFullSrcPath
FClearBillboardList
FConvertAndStoreRglInSymTab
FCopyFile
FCopyListFile
FCopyOneFile
FCreateDir
FCreateIniKeyValue
FCreateProgManGroup
FCreateProgManGroupEx
FCreateProgManItem
FCreateProgManItemEx
FCreateSysIniKeyValue
FDdeExec
FDdeInit
FDdeTerminate
FDdeWait
FDumpCopyListToFile
FEndProgManDde
FExitExecRestart
FFileInUse
FFreePbbb
FHideBillboardDialog
FIncrementBillboardCurTicks
FInitProgManDde
FInitializeInstall
FInstRemoveableDrive
FIsDirWritable
FIsFileWritable
FIsRemoveDrive
FPrependToPath
FRemoveDir
FRemoveIniKey
FRemoveIniSection
FRemoveProgManGroup
FRemoveProgManGroupEx
FRemoveProgManItem
FRemoveProgManItemEx
FRestartListEmpty
FSetEnvVariableValue
FSetRestartDir
FShowBillboardDialog
FShowProgManGroup
FShowProgManGroupEx
FStampResource
FUninstall
FYield
ForceRestartOn
GetCopyMode
GetDecompMode
GrcCopyFilesInCopyList
LcbGetCopyListCost
MyDdeConnect
NDriveNumber
NLangFromFile
PbbbAlloc
ProBarProc
ProDlgProc
ProSetPos
RemoveEnvVariable
ResetCopyList
SetCopyMode
SetDecompMode
SetEnvVariable
SetSizeCheckMode
SetTimeValue
SzFindExt
SzFindFileFromPath
SzFindNthIniField
TerminateInstall
WFindFileUsingFileOpen
WFindSrcFileName
WPromptForDisk
WndProcDde
YnrcBackupFile
YnrcEnsurePathExists
YnrcFileReadOnly
YnrcNewerExistingFile
YnrcRemoveFile
fnText

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

COPYA_TE
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

COPYB_TE
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

COPYC_TE
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

COPYD_TE
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

COPYE_TE
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 20B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 21B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.CRT
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
/VC98linker/Lib/MSINSSTF.LIB
/VC98linker/Lib/MSJAVA.LIB
/VC98linker/Lib/MSLSP32.LIB
/VC98linker/Lib/MSRATING.LIB
/VC98linker/Lib/MSSHLSTF.DLL
.dll windows:1 windows x86 arch:x86

1c4f720a89bd5675bb09d43760ca15af

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscomstf

FHandleOOM
FAddSymbolValueToSymTab
FFileExist
FSetSilent
EercErrorHandler
SzProcessSz
SzProcessSzForSyms
FInitSymTab
ExtMessageBox
FValidPath
CbStrCopyToBuffer
DoMsgBox
SzDupl

msuilstf

FKillNDialogs
HdlgStackTop
SetScriptFile
HdlgHelpTop

msinsstf

TerminateInstall
FCopyFile

crtdll

_initterm
malloc
realloc
free

kernel32

FreeLibrary
GlobalFree
GlobalAlloc
lstrcpyA
GetDriveTypeA
LoadLibraryA
lstrlenA
lstrcatA
GetVersion
GetModuleFileNameA

user32

CharNextA
ExitWindowsEx
CharUpperBuffA
GetWindow
GetWindowLongA
OemToCharA
AppendMenuA
DeleteMenu
GetSystemMenu
RegisterClassA
LoadCursorA
ShowWindow
GetClientRect
BeginPaint
GetDialogBaseUnits
ShowCursor
SetCursor
GetDC
DestroyWindow
LoadStringA
LoadBitmapA
InvalidateRect
UpdateWindow
PostMessageA
GetActiveWindow
GetLastActivePopup
EndPaint
SendMessageA
GetSystemMetrics
LoadIconA
CreateWindowExA
DefWindowProcA
GetParent
ReleaseDC

gdi32

SaveDC
RealizePalette
GetClipBox
CreatePalette
SelectPalette
DeleteDC
SelectObject
SetWindowOrgEx
IntersectClipRect
CreateCompatibleDC
CreateSolidBrush
ExcludeClipRect
RestoreDC
DeleteObject
GetObjectA
BitBlt

Exports

Exports

CleanupTrap
DontShowFrameInitially
FRestoreCursor
FSetAbout
FSetBitmap
FSetSymbolSubst
FSetSymbolSubsym
FSetSymbolValue
FrameWndProc
HSetup
HShowWaitCursor
HinstFrame
HwndFrame
InitializeFrame
TerminateFrame

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 8B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 19B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 411B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.CRT
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 988B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
/VC98linker/Lib/MSSHLSTF.LIB
/VC98linker/Lib/MSTASK.LIB
/VC98linker/Lib/MSUILSTF.DLL
.dll windows:1 windows x86 arch:x86

17c9574de4374c7d2913b42d205ee741

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscomstf

EercErrorHandler
FHandleOOM
FFileExist

msshlstf

HwndFrame
HinstFrame

crtdll

_stricmp
_initterm
atol
strcspn
strtok
malloc
free
wcslen
wcstombs
atoi

kernel32

SetFilePointer
GetAtomNameA
AddAtomA
GetVersion
GlobalAlloc
FreeLibrary
FindResourceA
GetProcAddress
LoadLibraryA
lstrcpynA
CloseHandle
lstrcpyA
GlobalFree
lstrlenA
WriteFile
LoadResource
GetPrivateProfileIntA
CreateFileA
GetPrivateProfileStringA

user32

GetMessageA
DestroyWindow
SetWindowPos
CreateDialogParamA
GetParent
SendMessageA
GetWindowLongA
EnableWindow
GetWindow
DispatchMessageA
TranslateMessage
SetFocus
GetFocus
PostMessageA
IsDialogMessageA
GetKeyState
SetWindowLongA
wsprintfA
GetDlgItem
SetActiveWindow
GetWindowTextA
GetNextDlgTabItem

Exports

Exports

FCloseHelp
FDoDialog
FDoDialog2
FDoDialogExt
FGstGenericDlgProc
FGstGenericHelpDlgProc
FKillNDialogs
FKillNDialogs2
HdlgHelpTop
HdlgShowHelp
HdlgStackTop
ReactivateSetupScript
SetScriptFile

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 8B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 373B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.CRT
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 964B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
/VC98linker/Lib/MSUILSTF.LIB
/VC98linker/Lib/MSVCIRT.LIB
/VC98linker/Lib/MSVCPRT.LIB
/VC98linker/Lib/MSVCRT.LIB
/VC98linker/Lib/MSWSOCK.LIB
/VC98linker/Lib/MTX.LIB
/VC98linker/Lib/MTXDM.LIB
/VC98linker/Lib/MTXGUID.LIB
/VC98linker/Lib/MTXIH.LIB
/VC98linker/Lib/MTXOCI.LIB
/VC98linker/Lib/NAL.LIB
/VC98linker/Lib/NDDEAPI.LIB
/VC98linker/Lib/NETAPI32.LIB
/VC98linker/Lib/NEWMODE.OBJ
/VC98linker/Lib/NEWPST.LIB
/VC98linker/Lib/NMAPI.LIB
/VC98linker/Lib/NTMSAPI.LIB
/VC98linker/Lib/NTQUERY.LIB
/VC98linker/Lib/NTWDBLIB.LIB
/VC98linker/Lib/OBJECTTY.LIB
/VC98linker/Lib/OCX96.LIB
/VC98linker/Lib/ODBC32.LIB
/VC98linker/Lib/ODBCCP32.LIB
/VC98linker/Lib/OLDNAMES.LIB
/VC98linker/Lib/OLE32.LIB
/VC98linker/Lib/OLEACC.LIB
/VC98linker/Lib/OLEAUT32.LIB
/VC98linker/Lib/OLEDB.LIB
/VC98linker/Lib/OLEDLG.LIB
/VC98linker/Lib/OLEPRO32.LIB
/VC98linker/Lib/OPENDS60.LIB
/VC98linker/Lib/OPENGL32.LIB
/VC98linker/Lib/OSPTK.LIB
/VC98linker/Lib/PARSER.LIB
/VC98linker/Lib/PDH.LIB
/VC98linker/Lib/PENTER.LIB
/VC98linker/Lib/PENWIN32.LIB
/VC98linker/Lib/PKPD32.LIB
/VC98linker/Lib/PROPTAG.LIB
/VC98linker/Lib/QUARTZ.LIB
/VC98linker/Lib/RASAPI32.LIB
/VC98linker/Lib/RASDLG.LIB
/VC98linker/Lib/RASSAPI.LIB
/VC98linker/Lib/RENDID.LIB
/VC98linker/Lib/RESUTILS.LIB
/VC98linker/Lib/RNDNOTID.LIB
/VC98linker/Lib/RPCNDR.LIB
/VC98linker/Lib/RPCNS4.LIB
/VC98linker/Lib/RPCRT4.LIB
/VC98linker/Lib/RTFLIB32.LIB
/VC98linker/Lib/RTM.LIB
/VC98linker/Lib/RTUTILS.LIB
/VC98linker/Lib/RULECLS.LIB
/VC98linker/Lib/SADAPI.LIB
/VC98linker/Lib/SAMPRM.LIB
/VC98linker/Lib/SCARDDAT.TLB
/VC98linker/Lib/SCARDDLG.LIB
/VC98linker/Lib/SCARDMGR.TLB
/VC98linker/Lib/SCARDSRV.TLB
/VC98linker/Lib/SCRNSAVE.LIB
/VC98linker/Lib/SCRNSAVW.LIB
/VC98linker/Lib/SDKUTIL.LIB
/VC98linker/Lib/SDPBLBID.LIB
/VC98linker/Lib/SETARGV.OBJ
/VC98linker/Lib/SETUPAPI.LIB
/VC98linker/Lib/SHELL32.LIB
/VC98linker/Lib/SHLWAPI.LIB
/VC98linker/Lib/SLBS.LIB
/VC98linker/Lib/SMSAPI.LIB
/VC98linker/Lib/SNACLI.LIB
/VC98linker/Lib/SNANLS.LIB
/VC98linker/Lib/SNMPAPI.LIB
/VC98linker/Lib/SPORDER.LIB
/VC98linker/Lib/STATS.LIB
/VC98linker/Lib/STRMBASE.LIB
/VC98linker/Lib/STRMIIDS.LIB
/VC98linker/Lib/SVCSRVL.LIB
/VC98linker/Lib/SVRAPI.LIB
/VC98linker/Lib/T3IID.LIB
/VC98linker/Lib/TAPI32.LIB
/VC98linker/Lib/TH32.LIB
/VC98linker/Lib/THUNK32.LIB
/VC98linker/Lib/TOOLBAR.LIB
/VC98linker/Lib/TRNSDT.LIB
/VC98linker/Lib/TSSQSEC.LIB
/VC98linker/Lib/TSSUTIL.LIB
/VC98linker/Lib/URL.LIB
/VC98linker/Lib/URLHLINK.LIB
/VC98linker/Lib/URLMON.LIB
/VC98linker/Lib/USER32.LIB
/VC98linker/Lib/UTIL.LIB
/VC98linker/Lib/UUID.LIB
/VC98linker/Lib/VDMDBG.LIB
/VC98linker/Lib/VERSION.LIB
/VC98linker/Lib/VFW32.LIB
/VC98linker/Lib/WAPPC32.LIB
/VC98linker/Lib/WCPIC32.LIB
/VC98linker/Lib/WEBPOST.LIB
/VC98linker/Lib/WIN32SPL.LIB
/VC98linker/Lib/WINCSV32.LIB
/VC98linker/Lib/WININET.LIB
/VC98linker/Lib/WINMM.LIB
/VC98linker/Lib/WINRUI32.LIB
/VC98linker/Lib/WINSCARD.LIB
/VC98linker/Lib/WINSLI32.LIB
/VC98linker/Lib/WINSPOOL.LIB
/VC98linker/Lib/WINSTRM.LIB
/VC98linker/Lib/WINTRUST.LIB
/VC98linker/Lib/WINWRAP.LIB
/VC98linker/Lib/WLDAP32.LIB
/VC98linker/Lib/WOW32.LIB
/VC98linker/Lib/WS2_32.LIB
/VC98linker/Lib/WSETARGV.OBJ
/VC98linker/Lib/WSNMP32.LIB
/VC98linker/Lib/WSOCK32.LIB
/VC98linker/Lib/WST.LIB
/VC98linker/Lib/XASWITCH.LIB
/VC98linker/Lib/XASWITCH.OBJ
/VC98linker/Lib/XOLEHLP.LIB
/VC98linker/MFC/Lib/EAFXIS.LIB
/VC98linker/MFC/Lib/MFC42.LIB
/VC98linker/MFC/Lib/MFCS42.LIB
/VC98linker/MFC/Lib/NAFXCW.LIB
/VC98linker/MFC/Lib/NAFXIS.LIB
/VC98linker/MFC/Lib/UAFXCW.LIB
/VC98linker/link.e
/VC98linker/readme.txt
/e.exe
.exe windows:4 windows x86 arch:x86

d099486a5bde7a3c0e20b00a33891200

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

PlaySoundA

imm32

ImmGetContext
ImmSetCompositionWindow
ImmReleaseContext

kernel32

VirtualFree
VirtualAlloc
IsBadWritePtr
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
IsBadCodePtr
SetConsoleCtrlHandler
GetLocaleInfoW
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
HeapCreate
HeapDestroy
LCMapStringW
LCMapStringA
GetTickCount
DeviceIoControl
DeleteFileA
GetLastError
GetSystemTime
CreateFileA
Sleep
CopyFileA
GetCurrentDirectoryA
GetFileAttributesA
GetSystemDirectoryA
GetVersion
CloseHandle
CreateProcessA
GlobalUnlock
GlobalLock
GlobalAlloc
SizeofResource
LockResource
LoadResource
FindResourceA
FindClose
FindNextFileA
FindFirstFileA
CreateDirectoryA
SetThreadContext
GetThreadContext
WriteProcessMemory
GetTempFileNameA
HeapSize
GetACP
GetLocalTime
OpenMutexA
GetOverlappedResult
GetCurrentProcessId
GlobalMemoryStatus
QueryPerformanceCounter
FlushConsoleInputBuffer
GetProfileStringA
ReadConsoleInputA
SetConsoleMode
GetConsoleMode
CreateFileW
GetTimeZoneInformation
ExitThread
CreateThread
RaiseException
GetCommandLineA
GetStartupInfoA
ExitProcess
RtlUnwind
SetErrorMode
GetOEMCP
GetCPInfo
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
GlobalFlags
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetProfileIntA
GetPrivateProfileStringA
GetPrivateProfileIntA
ReleaseMutex
CreateMutexA
GetCurrentThread
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileSize
GetDiskFreeSpaceA
GetFileTime
SetFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
SetLastError
GetShortPathNameA
GetThreadLocale
GetStringTypeExA
GetFullPathNameA
GetVolumeInformationA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetCurrentProcess
DuplicateHandle
CreateEventA
SuspendThread
SetThreadPriority
ResumeThread
lstrcpynA
lstrcmpiA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
FormatMessageA
LocalFree
InterlockedDecrement
InterlockedIncrement
WaitForMultipleObjects
WideCharToMultiByte
FreeLibrary
MultiByteToWideChar
GetCurrentThreadId
HeapFree
HeapReAlloc
GetProcessHeap
HeapAlloc
UnmapViewOfFile
OpenFileMappingA
MapViewOfFile
GlobalGetAtomNameA
lstrcatA
lstrlenA
WinExec
lstrcpyA
ResetEvent
MoveFileA
WritePrivateProfileStringA
WaitForSingleObject
GetTempPathA
GetWindowsDirectoryA
lstrcmpA
GlobalAddAtomA
DeleteAtom
GetModuleFileNameA
GetPrivateProfileSectionA
GetComputerNameA
IsBadReadPtr
GlobalReAlloc
MulDiv
GetProcAddress
TerminateProcess
SetCurrentDirectoryA
OpenProcess
ContinueDebugEvent
WaitForDebugEvent
ReadProcessMemory
SetEvent
GlobalSize
GlobalFree
PulseEvent
BeginUpdateResourceA
UpdateResourceA
EndUpdateResourceA
GetVersionExA
LoadLibraryA

user32

PostQuitMessage
SetCursorPos
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
CharUpperA
TranslateMessage
ValidateRect
GetMenuCheckMarkDimensions
GetMenuState
SetMenuItemBitmaps
UnpackDDElParam
ReuseDDElParam
LoadAcceleratorsA
DefMDIChildProcA
TranslateAcceleratorA
TranslateMDISysAccel
DefFrameProcA
BringWindowToTop
MapWindowPoints
DeferWindowPos
WinHelpA
RegisterClassA
TrackPopupMenu
CreateWindowExA
SetPropA
GetPropA
RemovePropA
GetMessageTime
GetLastActivePopup
GetForegroundWindow
IsIconic
GetWindowTextLengthA
IsDialogMessageA
ScrollWindowEx
SendDlgItemMessageA
LoadStringA
GetNextDlgTabItem
EndDialog
GetActiveWindow
CreateDialogIndirectParamA
GetWindowLongA
WindowFromPoint
SetWindowLongA
CallWindowProcA
GetWindowThreadProcessId
ShowOwnedPopups
CreateIconFromResourceEx
CreateIconFromResource
AdjustWindowRectEx
ModifyMenuA
SetCaretPos
DestroyCaret
ShowCaret
CreateCaret
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
IsClipboardFormatAvailable
GetDlgItem
SetWindowPos
MoveWindow
EqualRect
UnionRect
DestroyWindow
GetClassLongA
TrackPopupMenuEx
GetDesktopWindow
GetMenuItemID
InsertMenuA
CheckMenuItem
GetMessageA
DispatchMessageA
GetSystemMenu
EnableMenuItem
SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx
UnregisterClassA
ExcludeUpdateRgn
DefDlgProcA
IsWindowUnicode
GetProcessWindowStation
GetMenu
BeginDeferWindowPos
GetTopWindow
GetDlgCtrlID
GetWindow
EndDeferWindowPos
GetFocus
ScreenToClient
AppendMenuA
RemoveMenu
GetMenuItemCount
DrawMenuBar
IsZoomed
UnregisterHotKey
RegisterHotKey
DestroyCursor
MessageBeep
GetKeyState
FindWindowA
RegisterClipboardFormatA
DestroyMenu
SetMenu
DeleteMenu
InvertRect
CharNextA
SetWindowContextHelpId
AttachThreadInput
MapDialogRect
GetClassNameA
SendMessageTimeoutA
EnumWindows
RegisterWindowMessageA
GetWindowTextA
SetWindowTextA
IsChild
GetClipboardData
LoadIconA
SetFocus
IntersectRect
DrawIcon
DrawIconEx
CopyIcon
DestroyIcon
MessageBoxA
LoadMenuA
GetSubMenu
GetDC
KillTimer
GetUserObjectInformationW
SetTimer
GetClassInfoA
DefWindowProcA
GetDCEx
ReleaseDC
LockWindowUpdate
ClientToScreen
IsRectEmpty
SetCursor
LoadCursorA
SetParent
SetRectEmpty
EnumThreadWindows
IsWindowEnabled
GetSysColorBrush
IsWindowVisible
SetForegroundWindow
GetMenuStringA
CopyAcceleratorTableA
ShowWindow
SetActiveWindow
GetNextDlgGroupItem
PeekMessageA
GetMessagePos
GetClientRect
SystemParametersInfoA
SetRect
IsWindow
RedrawWindow
FillRect
GetSystemMetrics
DrawFrameControl
DrawEdge
InflateRect
DrawFocusRect
UpdateWindow
GetCapture
GetMenuItemInfoA
PostThreadMessageA
ReleaseCapture
SetCapture
GetCursorPos
GetWindowRect
PtInRect
CopyRect
GetSysColor
OffsetRect
LoadBitmapA
EnableWindow
InvalidateRect
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
wsprintfA
GetParent
PostMessageA
SendMessageA
HideCaret
GetWindowPlacement

gdi32

SetROP2
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExcludeClipRect
IntersectClipRect
MoveToEx
LineTo
SetTextAlign
GetViewportExtEx
CreatePatternBrush
PtVisible
RectVisible
TextOutA
Escape
GetMapMode
SetRectRgn
DPtoLP
GetTextMetricsA
CreateDCA
StretchDIBits
GetCharWidthA
CreateFontA
GetTextColor
LPtoDP
SetBkMode
SelectPalette
RestoreDC
SaveDC
SetBkColor
CreateDIBitmap
GetTextExtentPointA
SetTextColor
GetClipBox
GetClipRgn
SelectClipRgn
SetPixelV
EnumFontFamiliesExA
GetWindowExtEx
StretchBlt
AbortDoc
ExtTextOutA
StartDocA
StartPage
EndPage
EndDoc
CreateRectRgn
DeleteDC
CreateSolidBrush
GetCurrentObject
CreateRectRgnIndirect
CombineRgn
GetBkColor
PaintRgn
PtInRegion
DeleteObject
CreateCompatibleBitmap
CreateBitmap
FillRgn
CreatePolygonRgn
CreateCompatibleDC
BitBlt
SelectObject
GetStockObject
GetDeviceCaps
RealizePalette
CreatePen
GetTextExtentPoint32A
CreateFontIndirectA
CreatePalette
Rectangle
GetObjectA
PatBlt

comdlg32

GetFileTitleA
GetOpenFileNameA
ChooseColorA
ChooseFontA
PrintDlgA
CommDlgExtendedError
GetSaveFileNameA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegEnumKeyA
ReportEventA
DeregisterEventSource
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
CloseServiceHandle
StartServiceA
OpenServiceA
CreateServiceA
DeleteService
ControlService
OpenSCManagerA
RegCloseKey
RegSetValueExA
RegOpenKeyExA
RegSetValueA
RegCreateKeyA
RegQueryValueA
RegOpenKeyA
RegDeleteValueA
RegCreateKeyExA
RegDeleteKeyA
RegisterEventSourceA
GetFileSecurityA
SetFileSecurityA
RegQueryValueExA

shell32

SHGetFileInfoA
DragQueryFileA
DragFinish
DragAcceptFiles
ShellExecuteA
ExtractIconA

comctl32

_TrackMouseEvent
ImageList_AddMasked
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_GetImageInfo
ImageList_GetImageCount
ImageList_Remove
ImageList_Duplicate
ImageList_Draw
ImageList_Destroy
ImageList_Create
ImageList_LoadImageA
ImageList_Read
ImageList_Write
ord17

oledlg

ord8

ole32

CoTaskMemFree
CoTaskMemAlloc
CoGetClassObject
CLSIDFromProgID
OleUninitialize
OleInitialize
CoCreateGuid
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoFreeUnusedLibraries
CoRegisterMessageFilter
OleDraw
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CLSIDFromString

olepro32

ord253

oleaut32

SysStringLen
VariantTimeToSystemTime
SysAllocStringLen
SysFreeString
VariantClear
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
SysAllocString
SysAllocStringByteLen
VariantChangeType
VariantCopy

hid

HidD_GetHidGuid
HidD_GetAttributes
HidD_FlushQueue

setupapi

SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsA
SetupDiGetDeviceInterfaceDetailA

winscard

SCardTransmit
SCardReleaseContext
SCardDisconnect
g_rgSCardT1Pci
SCardReconnect
SCardListReadersA
SCardEstablishContext
SCardConnectA

Sections

.text
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 328KB - Virtual size: 326KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 176KB - Virtual size: 278KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 744KB - Virtual size: 743KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

30333ef5a2dd21199d66d4427807be6f

Headers

File Characteristics

Imports

msvcrt

kernel32

Sections

.text Size: 10KB - Virtual size: 9KB

.data Size: 512B - Virtual size: 2KB

.rsrc Size: 3KB - Virtual size: 2KB

902dded724686f82a71d82ffbdff7c62

Headers

File Characteristics

Imports

msvcrt

Sections

.text Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 60B

.rsrc Size: 4KB - Virtual size: 928B

902dded724686f82a71d82ffbdff7c62

Headers

File Characteristics

Imports

msvcrt

Sections

.text Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 60B

.rsrc Size: 4KB - Virtual size: 928B

902dded724686f82a71d82ffbdff7c62

Headers

File Characteristics

Imports

msvcrt

Sections

.text Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 60B

.rsrc Size: 4KB - Virtual size: 912B

a4b534403cf4df6c9175820e7b606e96

Headers

File Characteristics

Imports

mspdb60

msvcrt

kernel32

Sections

.text Size: 416KB - Virtual size: 415KB

.data Size: 4KB - Virtual size: 182KB

.rsrc Size: 28KB - Virtual size: 27KB

cbe32dbbd3f0ce2c68744ad838770335

Headers

File Characteristics

Imports

msvcrt

advapi32

kernel32

Exports

Exports

Sections

.text Size: 156KB - Virtual size: 153KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 4KB - Virtual size: 936B

.reloc Size: 8KB - Virtual size: 5KB

45043dab895dfd895564d204d052c3f5

Headers

File Characteristics

Imports

imagehlp

kernel32

user32

Sections

.text Size: 42KB - Virtual size: 42KB

.data Size: 10KB - Virtual size: 16KB

.rsrc Size: 1024B - Virtual size: 960B

5ea1f0ae6aac6eb9bf3664a3e6027027

Headers

.text
Size: 10KB - Virtual size: 9KB

.data
Size: 512B - Virtual size: 2KB

.rsrc
Size: 3KB - Virtual size: 2KB

.text
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 60B

.rsrc
Size: 4KB - Virtual size: 928B

.text
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 60B

.rsrc
Size: 4KB - Virtual size: 928B

.text
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 60B

.rsrc
Size: 4KB - Virtual size: 912B

.text
Size: 416KB - Virtual size: 415KB

.data
Size: 4KB - Virtual size: 182KB

.rsrc
Size: 28KB - Virtual size: 27KB

.text
Size: 156KB - Virtual size: 153KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 4KB - Virtual size: 936B

.reloc
Size: 8KB - Virtual size: 5KB

.text
Size: 42KB - Virtual size: 42KB

.data
Size: 10KB - Virtual size: 16KB

.rsrc
Size: 1024B - Virtual size: 960B

.text
Size: 44KB - Virtual size: 43KB

ERROR1B_
Size: 512B - Virtual size: 288B

INF18B_T
Size: 5KB - Virtual size: 5KB

LIST1B_T
Size: 1KB - Virtual size: 1KB

.bss
Size: - Virtual size: 20B

.rdata
Size: 512B - Virtual size: 20B

.data
Size: 3KB - Virtual size: 2KB

.idata
Size: 2KB - Virtual size: 1KB

.edata
Size: 5KB - Virtual size: 4KB

.CRT
Size: 512B - Virtual size: 8B

.rsrc
Size: 19KB - Virtual size: 18KB

.reloc
Size: 3KB - Virtual size: 2KB

.text
Size: 10KB - Virtual size: 9KB

.bss
Size: - Virtual size: 8B

.rdata
Size: 512B - Virtual size: 20B

.data
Size: 1KB - Virtual size: 1KB

.idata
Size: 2KB - Virtual size: 1KB

.edata
Size: 1KB - Virtual size: 1KB

.CRT
Size: 512B - Virtual size: 8B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 758B

.text
Size: 23KB - Virtual size: 23KB

COPYA_TE
Size: 3KB - Virtual size: 3KB

COPYB_TE
Size: 3KB - Virtual size: 2KB

COPYC_TE
Size: 3KB - Virtual size: 3KB

COPYD_TE
Size: 2KB - Virtual size: 2KB

COPYE_TE
Size: 3KB - Virtual size: 2KB

.bss
Size: - Virtual size: 20B

.rdata
Size: 512B - Virtual size: 21B