2a26c40da5eb3250fdc1f7613b033176_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2a26c40da5eb3250fdc1f7613b033176_JaffaCakes118
Size

8.2MB
MD5

2a26c40da5eb3250fdc1f7613b033176
SHA1

1d48d5a1bb44063e2f649c2e60097b77257ecc51
SHA256

86ccfd5c2d5cf828fd8bfc63c5a6fb191a180563ac69b93da9425c20bf87e19d
SHA512

c8a82d47d8d0e7db5f43c1a27d866199ff24dc5c2c39d38825e8caeba6480c071552936f865fa99ee160686ec747118511d99834d3d81976cc884a95f1a86690
SSDEEP

196608:XBemJzXTOq/AiRxO/NJbiIjk5h3pdvzCs75ucNJ7exwi:XBemJzXh/AiRxAJiucxnvzC45uAiwi

Score

3^/10

Malware Config

Signatures

Unsigned PE 24 IoCs

Checks for missing Authenticode signature.

resource
unpack002/ACMSETUP.EXE
unpack002/ASYCFILT.DLL
unpack002/CALC.EXE
unpack002/COMCAT.DLL
unpack002/FOXHHELP.EXE
unpack002/FOXHHE~1.DLL
unpack002/FOXLIB2.DLL
unpack002/HH.EXE
unpack002/HSETUP.EXE
unpack002/ITIRCL.DLL
unpack002/ITSS.DLL
unpack002/MSSETUP.DLL
unpack002/MSVCRT.DLL
unpack002/MSVCRT40.DLL
unpack002/NOTEPAD.EXE
unpack002/OLEAUT32.DLL
unpack002/OLEPRO32.DLL
unpack002/STDOLE2.TLB
unpack002/VFP6R.DLL
unpack002/VFP6RENU.DLL
unpack002/VFP6RUN.EXE
unpack002/WIZSET32.DLL
unpack002/��ʦ��~1.EXE
unpack001/教师考核计算系统2.0/odbcstf.dll

Files

2a26c40da5eb3250fdc1f7613b033176_JaffaCakes118
.rar
下载说明.htm
.html
教师考核计算系统2.0/SETUP1.CAB
.cab
ACMSETUP.EXE
.exe windows:1 windows x86 arch:x86

d057661fa0c57da4e10eca58cdf1dc72

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindClose
lstrcpynA
SetFileTime
GetFileTime
GetCurrentDirectoryA
FindFirstFileA
GetDiskFreeSpaceA
GetShortPathNameA
SetCurrentDirectoryA
HeapDestroy
HeapAlloc
GetSystemDirectoryA
GetVersionExA
GlobalUnlock
HeapCreate
GlobalLock
GetComputerNameA
GetLocalTime
LoadLibraryA
lstrcmpA
GetTickCount
GetProcAddress
FreeLibrary
SetErrorMode
GetDriveTypeA
GetLocaleInfoA
GlobalHandle
GetVolumeInformationA
lstrcatA
IsDBCSLeadByte
LoadResource
FindResourceA
CompareStringA
VirtualAlloc
RtlUnwind
VirtualFree
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapFree
LCMapStringW
LCMapStringA
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
WideCharToMultiByte
GetCommandLineA
GetStartupInfoA
SetEnvironmentVariableA
GetFullPathNameA
FindNextFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetSystemTime
GetTimeZoneInformation
GetCurrentProcess
TerminateProcess
ExitProcess
lstrcpyA
LockResource
FreeResource
GetLogicalDrives
GetLogicalDriveStringsA
SetFileAttributesA
DeleteFileA
GlobalMemoryStatus
CreateFileA
ReadFile
SetFilePointer
OpenFile
WriteFile
CloseHandle
MultiByteToWideChar
GetModuleFileNameA
GlobalAlloc
GlobalFree
GetPrivateProfileStringA
lstrcmpiA
GetLastError
GetWindowsDirectoryA
GetTempPathA
GetModuleHandleA
LoadLibraryExA
GetVersion
GetSystemDefaultLCID
CompareStringW
MulDiv
lstrlenA
HeapReAlloc

advapi32

RegCreateKeyExA
RegEnumKeyExA
RegSetValueExA
GetUserNameA
RegEnumValueA
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyA
RegCloseKey

user32

GetWindowLongA
GetWindowTextA
BeginPaint
SetWindowLongA
FillRect
DrawFocusRect
SetRect
GetActiveWindow
EndDialog
RegisterClassA
LoadCursorA
LoadStringA
LoadBitmapA
CharUpperBuffA
SetFocus
GetDlgItemInt
GetSystemMetrics
GetFocus
CallWindowProcA
GetClassLongA
CopyRect
CharLowerA
SetCursor
ShowCursor
InvalidateRect
ScreenToClient
BroadcastSystemMessage
SendNotifyMessageA
GetDlgCtrlID
MessageBeep
InvertRect
CharUpperA
InflateRect
CheckRadioButton
CharNextA
SendDlgItemMessageA
GetSysColor
DestroyWindow
GetParent
MessageBoxA
GetKeyState
EnableWindow
LoadIconA
DrawIcon
EndPaint
DefWindowProcA
ReleaseDC
SetWindowTextA
CharPrevA
GetDlgItemTextA
wsprintfA
GetDialogBaseUnits
GetClientRect
ClientToScreen
ShowWindow
IsWindowEnabled
GetDlgItem
PostMessageA
GetWindow
SendMessageA
GetDC
DrawTextA
GetWindowRect
SetWindowPos
SetDlgItemTextA
GetSystemMenu
RemoveMenu
FindWindowA
SetForegroundWindow

gdi32

SetTextColor
GetObjectA
CreateCompatibleDC
BitBlt
CreateDiscardableBitmap
CreateDIBitmap
GetTextMetricsA
GetStockObject
AddFontResourceA
RemoveFontResourceA
CreateScalableFontResourceA
PatBlt
StretchBlt
CreateSolidBrush
CreatePatternBrush
CreateBitmap
RestoreDC
IntersectClipRect
SaveDC
GetPixel
GetNearestColor
SetBkColor
SelectObject
GetTextExtentPointA
DeleteObject
ExtTextOutA
CreateFontIndirectA
DeleteDC
CreateCompatibleBitmap
GetDeviceCaps

ole32

OleInitialize
OleUninitialize
CoCreateInstance

mpr

WNetAddConnection2A
WNetCancelConnection2A
WNetGetLastErrorA
WNetConnectionDialog
WNetCancelConnectionA
WNetAddConnectionA
WNetGetConnectionA

mssetup

FLongFileNamesSuppressed
CreateIniKeyValue
InitLongFileNames
SetAcmeInst
WriteLogDivider
FWriteToLogFile
SetErrorParamConst
PrependToPath
AddShareToAutoexec
RenameFile
GetEnvVariableValue
StampResource
FReadResource
CompareFileVersions
SetErrorParamInt
EercOpenFile
LfaSeekFile
CbReadFile
FCloseFile
CbStrCopyToBuffer
FLanguageMismatchInf
FChmodFile
AddLineToRestartFile
GetSectionKeyFilename
FGetKeyInfo
GetVersionNthField
TermIME
FRemoveOurDir
HmodUIHookDll
DoesInfSectionKeyExist
EnsurePathExists
SetErrorParamCopy
CreateProgmanItem
ShowProgmanGroup
DeleteProgmanItem
MakeListFromProgmanGroups
IsFileInUseBySystem
ReactivateSetupScript
FSetSymbolValue
HdlgShowHelp
ProcessMessageId
DoesIniKeyExist
UIPop
ForceNewDialog
GetScreenHeight
UIStartExeDlg
GetWindowsMode
SzLastChar
IsCtl3dEnabled
RemoveSymbol
GetListItem
GetListLength
UIStartExeDlgWinHelp
GetSymbolValue
SetPassInfo
HwndFrame
CopyFilesInCopyList
LogMessageId
Validate
GetCopyListCost
ClearCopyList
SetRestartDir
HandleOOM
PbAlloc
DoesFileExist
ReadInfFile
AddListItem
ClearBillboardList
SetCopyGaugePosition
ReplaceListItem
GetFreeSpaceForDrive
DriveNumToRootPath
SetErrorParam
FValidFilePath
IsDriveNetwork
CrcStringCompareI
CbGetListItem
GetNetworkDrivesList
SetSymbolValue
DoesDirExist
GetWindowsSysDir
IsWindowsShared
ShowWaitCursor
RestoreCursor
FRegCloseKey
SetRegKeyValue32Ex
GetRegKeyValue32Ex
FRegCreateKey32
DeleteRegKeyValue32
ForceRestartOn
EnableIME
InitIME
InitSetupToolkit
SetFEFontProc
GetSectionKeyVersion
DoesInfSectionExist
GetRegKeyValue32
GetScreenWidth
DoMsgBox
SuppressLongFileNames
SetAdminMode
SetSilentMode
SetTitle
SetBitmap
SetSizeCheckMode
SetAbout
EndSetupToolkit
FCloseLogFile
FFree
ExitExecRestart
RestartListEmpty
GetDOSMajorVersion
IsDirWritable
GetWindowsDirPath
SetRegKeyValue32
RemoveIniKey
RemoveDir
CrcStringCompare
GetIniKeyString
FOpenLogFile
SzGetLastSetupErrMsg
FindFileInTree
CbGetSymbolValue
IsWindows
OpenIME
RemoveFile
FCloseSrcFile
EercReadSrcFile
EercOpenSrcFileEx
EercWriteSrcFile
EercOpenSrcFile
IsDriveRemovable
EercFindHddiFloppy
SetErrorParamChar
GetVersionOfFile
IsDriveLocalHard
IsFileWritable
AddSectionKeyFileToCopyList
FindTargetOnEnvVar
GetNthFieldFromIniString
FindFileUsingFileOpen
AddToBillboardList
GetSectionKeySize
RemoveSectionKeyFileToCopyList
RemoveSpecialFileToCopyList
AddSpecialFileToCopyList
LogValidate
BindImage
MakeListFromSectionSize
RemoveSectionFilesToCopyList
AddSectionFilesToCopyList
CreateDir

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

shell32

ShellExecuteA

Sections

.text
Size: 207KB - Virtual size: 207KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 53B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 87KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ACMSETUP.HLP
ASYCFILT.DLL
.dll windows:4 windows x86 arch:x86

28b659576236be75a4bbcbfa9113e470

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

ole32

ReleaseStgMedium

user32

UnionRect

gdi32

CreateSolidBrush
SetDIBits
SetMapMode
DeleteObject
PatBlt
GetCurrentObject
SelectObject
SetStretchBltMode
GetObjectA
GetNearestPaletteIndex
SetDIBColorTable
GetNearestColor
SelectPalette
SetDIBitsToDevice
StretchDIBits

kernel32

SetLastError
GetCPInfo
GetACP
GetStartupInfoA
InterlockedIncrement
InitializeCriticalSection
InterlockedDecrement
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetTickCount
lstrlenA
GlobalDeleteAtom
GlobalAddAtomA
GetCommandLineA
GetProcAddress
GetModuleHandleA
GetVersion
HeapFree
GetModuleFileNameA
RtlUnwind
HeapAlloc
HeapReAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
GetFileType
GetLocaleInfoA
GetLocaleInfoW
GetOEMCP
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
LoadLibraryA
FlushFileBuffers
SetFilePointer
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetStdHandle
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
CloseHandle
ReadFile

Exports

Exports

DllCanUnloadNow
FilterCreateInstance

Sections

.text
Size: 104KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CALC.EXE
.exe windows:4 windows x86 arch:x86

500ff1538958cc73738bf0c262a1773f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetModuleHandleA

user32

MessageBoxA

Sections

1626829
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

2263812
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

3760357
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
CALC.ICO
CLASSN~1.DBF
COMCAT.DLL
.dll regsvr32 windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 512B - Virtual size: 251B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CONFIG.FPW
FILELIST.DBF
FOXHHELP.EXE
.exe windows:4 windows x86 arch:x86

f3b41576a6979ef1dbcb2ca79384ac19

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
HeapAlloc
GetModuleFileNameA
GetStartupInfoA
lstrcpyA
HeapDestroy
lstrcatA
GetModuleHandleA
LeaveCriticalSection
DebugBreak
EnterCriticalSection
WideCharToMultiByte
MultiByteToWideChar
FindResourceA
LoadLibraryExA
SizeofResource
LoadResource
GetLastError
lstrlenA
FreeLibrary
lstrcpynA
HeapCreate
InitializeCriticalSection
GetFileAttributesA
InterlockedDecrement
lstrlenW
InterlockedIncrement
LoadLibraryA
GetProcAddress
GetCurrentThreadId
DeleteCriticalSection
GetCommandLineA
CreateEventA
lstrcmpiA
Sleep
CloseHandle
CreateThread
WaitForSingleObject
HeapReAlloc
HeapFree
SetEvent
GetStringTypeW
GetStringTypeA
LCMapStringA
LCMapStringW

user32

IsWindow
GetMessageA
TranslateMessage
DispatchMessageA
CharNextA
PostThreadMessageA

advapi32

RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegQueryValueExA
RegEnumValueA
RegDeleteValueA
RegCloseKey
RegQueryInfoKeyA
RegEnumKeyExA
RegDeleteKeyA

ole32

CoRegisterClassObject
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance
CoInitialize
CoUninitialize
CoRevokeClassObject

oleaut32

RegisterTypeLi
LoadRegTypeLi
LoadTypeLi
VarI4FromStr
UnRegisterTypeLi

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xur
Size: - Virtual size: 1B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
FOXHHE~1.DLL
.dll regsvr32 windows:4 windows x86 arch:x86

2feb96aed7c08ac62ffbb4f88a439a9c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

rpcrt4

NdrStubCall2
NdrStubForwardingFunction
NdrDllUnregisterProxy
NdrDllRegisterProxy
NdrDllCanUnloadNow
IUnknown_QueryInterface_Proxy
NdrOleFree
NdrOleAllocate
NdrCStdStubBuffer2_Release
NdrCStdStubBuffer_Release
IUnknown_Release_Proxy
NdrDllGetClassObject
IUnknown_AddRef_Proxy

oleaut32

BSTR_UserSize
BSTR_UserMarshal
BSTR_UserFree
BSTR_UserUnmarshal

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
GetProxyDllInfo

Sections

.text
Size: 1024B - Virtual size: 652B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.orpc
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 210B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
FOXLIB2.DLL
.dll windows:4 windows x86 arch:x86

28dde0b4e2c1821b8b7f4e0406fca3d1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WideCharToMultiByte
GetVersionExA
DeleteFileA
FreeResource
WriteFile
SizeofResource
LockResource
LoadResource
FindResourceA
GetCurrentDirectoryA
CloseHandle
CreateFileA
HeapCreate
VirtualFree
SetEnvironmentVariableA
CompareStringW
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetCommandLineA
GetVersion
HeapAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
DeviceIoControl
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
HeapDestroy
GetOEMCP
GetACP
HeapFree
SetFilePointer
EnterCriticalSection
LeaveCriticalSection
InterlockedDecrement
InterlockedIncrement
VirtualAlloc
HeapReAlloc
InitializeCriticalSection
RtlUnwind
GetCPInfo
CompareStringA
GetProcAddress
LoadLibraryA
SetStdHandle
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
FlushFileBuffers

user32

MessageBoxIndirectA
LoadStringA

shell32

ShellExecuteA

Exports

Exports

GetBufferSize
GetDiskCylinders
GetDiskHeads
GetDiskSerial
GetModelNumber
GetRevisionNumber
GetSectorsOfTrack
GetSerialNumber

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
FOXUSER.DBF
FOXUSER.FPT
FR.JPG
.jpg
GRADEA~1.CDX
GRADEA~1.DBF
GRADEC~1.CDX
GRADEC~1.DBF
GRADEN~1.DBF
GRADES~1.CDX
GRADES~1.DBF
HELP.ICO
HH.EXE
.exe windows:4 windows x86 arch:x86

8234ffa1c6f923cf35524f4e06333a2a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

LoadLibraryA
GetProcAddress
FreeLibrary
GetACP
DeleteCriticalSection
GetStdHandle
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
RtlUnwind
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
MultiByteToWideChar
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
GetCPInfo
lstrcpyA
GetOEMCP
SetHandleCount
GetFileType
SetStdHandle
SetFilePointer
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
GetCurrentThread
HeapDestroy
HeapCreate
VirtualFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
FatalAppExitA
HeapFree
HeapAlloc
VirtualAlloc
FlushFileBuffers
CloseHandle

user32

wsprintfA

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
HHCTRL.OCX
.dll regsvr32 windows:4 windows x86 arch:x86

9e5f7ad409b9cdea37e6afb7208012a4

Code Sign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

shlwapi

StrCmpNA
StrChrA
StrCatW
StrCpyW
StrCmpNIW
StrCmpW
StrCmpNIA
StrCpyNW
StrStrIA
StrCmpIW
StrPBrkA
StrStrA

kernel32

_lwrite
SetFilePointer
GlobalAlloc
GlobalFree
_lcreat
CreateFileMappingA
MapViewOfFile
GlobalReAlloc
SetLastError
GetACP
GlobalUnlock
CompareStringW
GlobalLock
FormatMessageA
RtlUnwind
CompareFileTime
GetCommandLineA
TlsSetValue
GetLocaleInfoA
TlsFree
TlsGetValue
TerminateProcess
HeapReAlloc
HeapAlloc
HeapSize
FatalAppExitA
HeapCreate
SetHandleCount
GetFileType
GetStdHandle
GetStartupInfoA
GetCPInfo
GetOEMCP
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetUnhandledExceptionFilter
IsBadCodePtr
UnhandledExceptionFilter
HeapFree
LocalAlloc
LocalFree
SetStdHandle
GetSystemDefaultLangID
GetSystemDefaultLCID
IsBadReadPtr
IsBadWritePtr
GetUserDefaultLCID
WriteFile
GetFullPathNameA
GetWindowsDirectoryA
ReadFile
CreateFileA
FindFirstFileA
FindNextFileA
FindClose
GetPrivateProfileStringA
GetTempPathA
GetTempFileNameA
DeleteFileA
Sleep
LoadLibraryA
GetProcAddress
lstrcpyW
GetLastError
CreateDirectoryA
lstrcpynA
MulDiv
DebugBreak
CompareStringA
IsDBCSLeadByte
GetModuleFileNameA
MultiByteToWideChar
lstrcmpiA
GetFileAttributesA
WaitForSingleObject
ReleaseSemaphore
ExitProcess
VirtualFree
CloseHandle
VirtualAlloc
CreateSemaphoreA
lstrlenW
WideCharToMultiByte
_llseek
_lopen
_lread
_lclose
GetSystemDirectoryA
GetVersion
DisableThreadLibraryCalls
GetVersionExA
lstrcatA
DeleteCriticalSection
HeapDestroy
InitializeCriticalSection
lstrcpyA
GetCurrentThread
GetCurrentProcess
GetModuleHandleA
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
lstrlenA
InterlockedDecrement
InterlockedIncrement
ExitThread
SetThreadPriority
CreateThread
FreeLibrary
GetDiskFreeSpaceA
CopyFileA
GetFileSize
SetFileAttributesA
WinExec
AreFileApisANSI
SetFileApisToOEM
SetFileApisToANSI
SetErrorMode
GetDriveTypeA
GetVolumeInformationA
GetTickCount
GetStringTypeA
SetConsoleCtrlHandler
FlushFileBuffers
GetCurrentDirectoryA
TlsAlloc

user32

TranslateAcceleratorA
GetMessageA
DrawTextA
FrameRect
GetCursor
BringWindowToTop
SetScrollRange
SetScrollPos
GetScrollInfo
SetScrollInfo
GetDlgItemTextA
EndPaint
DrawEdge
LoadAcceleratorsA
DestroyAcceleratorTable
GetWindowThreadProcessId
EnumWindows
LoadMenuA
GetSubMenu
EnableMenuItem
GetDlgCtrlID
SetMenuItemInfoA
ModifyMenuA
TrackPopupMenuEx
EnumChildWindows
InvalidateRect
CheckMenuItem
ClientToScreen
GetWindowDC
DrawTextExA
SetWindowTextA
SetCursor
FindWindowA
IsIconic
SetForegroundWindow
WinHelpA
IsZoomed
CreateWindowExA
MoveWindow
GetWindowRect
SetClassLongA
LoadImageA
DrawFocusRect
CallWindowProcA
GetWindowTextLengthA
GetWindowTextA
SystemParametersInfoA
GetNextDlgGroupItem
GetNextDlgTabItem
LoadIconA
CharLowerA
CharPrevA
CharNextA
LoadStringA
PostMessageA
GetFocus
IntersectRect
EqualRect
OffsetRect
SetWindowRgn
MapWindowPoints
MessageBoxA
GetCursorPos
FillRect
LoadBitmapA
wsprintfA
LoadCursorA
RegisterClassA
GetSysColor
GetWindowLongA
GetDlgItem
EnableWindow
SetWindowLongA
SetWindowPos
EndDialog
DestroyWindow
CreateDialogParamA
ShowWindow
PeekMessageA
TranslateMessage
DispatchMessageA
CreatePopupMenu
AppendMenuA
IsWindow
GetActiveWindow
GetDesktopWindow
TrackPopupMenu
DestroyMenu
GetClientRect
CopyRect
GetDC
ReleaseDC
SendMessageA
GetKeyState
GetWindow
IsWindowEnabled
SetTimer
RegisterWindowMessageA
UnregisterClassA
MsgWaitForMultipleObjects
GetClassNameA
GetParent
SetFocus
IsRectEmpty
GetSystemMenu
UpdateWindow
InsertMenuItemA
GetWindowPlacement
PostQuitMessage
GetMenu
KillTimer
ScreenToClient
SetParent
ScrollWindowEx
PtInRect
CharToOemA
IsWindowVisible
SetRectEmpty
OemToCharA
SendDlgItemMessageA
ShowScrollBar
DefWindowProcA
DialogBoxParamA
IsDialogMessageA
SetCapture
GetCapture
ReleaseCapture
InflateRect
BeginPaint
GetSystemMetrics
CharUpperA
SetDlgItemTextA

gdi32

CreateSolidBrush
DeleteObject
SetMapMode
GetObjectA
CreateCompatibleDC
GetStockObject
SetWindowOrgEx
OffsetWindowOrgEx
CreateRectRgnIndirect
GetDeviceCaps
CreateICA
CreateFontIndirectA
GetTextMetricsA
GetTextExtentPoint32A
ExtTextOutA
SetBkColor
GetTextExtentPointA
SetTextColor
SetBkMode
GetNearestColor
GetClipBox
BitBlt
RealizePalette
SelectPalette
CreateFontA
SetViewportOrgEx
LPtoDP
SetViewportExtEx
SetWindowExtEx
CreateDCA
DeleteDC
CreateDIBSection
GetDIBits
CreatePalette
PatBlt
SetROP2
CreatePatternBrush
CreateBitmap
SetBrushOrgEx
UnrealizeObject
SetPixel
CreateCompatibleBitmap
RestoreDC
SaveDC
DPtoLP
SelectObject

advapi32

OpenProcessToken
OpenThreadToken
SetSecurityDescriptorGroup
RegQueryValueA
RegSetValueA
LookupPrivilegeValueA
AdjustTokenPrivileges
EqualSid
DeleteAce
AddAccessDeniedAce
GetAclInformation
AddAce
RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyExA
RegQueryValueExA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
CopySid
GetLengthSid
SetSecurityDescriptorOwner
GetSecurityDescriptorDacl
GetKernelObjectSecurity
SetSecurityDescriptorSacl
GetTokenInformation
LookupAccountNameA
IsValidSecurityDescriptor
GetSecurityDescriptorGroup
GetSecurityDescriptorOwner
GetSecurityDescriptorSacl
IsValidAcl
AddAccessAllowedAce
GetAce
InitializeAcl

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA
ShellExecuteA

ole32

CoRevokeClassObject
OleInitialize
CoGetClassObject
CoUnmarshalInterface
CreateStreamOnHGlobal
OleUninitialize
CoGetMalloc
ProgIDFromCLSID
CoRegisterClassObject
CoReleaseMarshalData
OleSaveToStream
WriteClassStm
CoMarshalInterface
StringFromCLSID
CreateBindCtx
CreateOleAdviseHolder
OleSetContainedObject
OleCreate
OleLoadFromStream
CoCreateInstance
CoTaskMemAlloc
StgCreateDocfile
CLSIDFromProgID
CoTaskMemFree

oleaut32

LoadTypeLi
LoadRegTypeLi
SysFreeString
SysAllocString
SysAllocStringLen
VariantInit
SetErrorInfo
VariantClear
RegisterTypeLi
VariantChangeType
CreateErrorInfo
SysAllocStringByteLen
SysStringByteLen
SysStringLen
DispGetParam
VariantCopy

urlmon

RegisterBindStatusCallback
HlinkSimpleNavigateToString
URLDownloadToCacheFileA
URLDownloadToFileA
CreateURLMoniker

mpr

WNetConnectionDialog
WNetGetConnectionA

wininet

InternetCombineUrlA
InternetCreateUrlA
InternetCrackUrlA

comctl32

CreateToolbarEx
CreatePropertySheetPageA
ImageList_GetIconSize
ImageList_Draw
ord17
ImageList_Create
ImageList_Add
ImageList_LoadImageA
ImageList_GetImageCount
ImageList_Destroy
PropertySheetA

Exports

Exports

AuthorMsg
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
FirstNonSpace
HhWindowThread
HtmlHelpA
HtmlHelpW
Initialize
LoadHHA
StrChr
StrRChr
Uninitialize
WinHelpHashFromSz
doWinMain
stristr

Sections

.text
Size: 373KB - Virtual size: 373KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HHUPD.EXE
.exe windows:5 windows x86 arch:x86

b83464d8132ecd9f810820e192566e15

Code Sign

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

12/05/1997, 00:00

Not After

07/01/2004, 23:59

Subject

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9d
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

28/02/2001, 00:00

Not After

06/01/2004, 23:59

Subject

CN=VeriSign Time Stamping Service,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)01,O=VeriSign\, Inc.

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/12/2000, 08:00

Not After

12/11/2005, 08:00

Subject

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:07:11:43:00:00:00:00:00:34
Certificate

Issuer

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/05/2002, 00:55

Not After

25/11/2003, 01:05

Subject

CN=Microsoft Corporation,OU=Copyright (c) 2002 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegCloseKey
EqualSid
AllocateAndInitializeSid
GetTokenInformation
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueA
FreeSid
RegDeleteValueA
RegOpenKeyExA
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegQueryInfoKeyA

kernel32

lstrcatA
GetFileAttributesA
GetShortPathNameA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetCurrentProcess
lstrlenA
lstrcmpiA
lstrcpyA
GetModuleFileNameA
FreeLibrary
LocalAlloc
GetLastError
GetSystemDirectoryA
LoadLibraryA
FindClose
FindNextFileA
DeleteFileA
SetFileAttributesA
lstrcmpA
FindFirstFileA
_lclose
_llseek
_lopen
GetWindowsDirectoryA
GetProcAddress
RemoveDirectoryA
GlobalUnlock
GlobalLock
GlobalAlloc
ExitProcess
GetModuleHandleA
GetStartupInfoA
CloseHandle
LoadResource
FindResourceA
CreateMutexA
SetEvent
CreateEventA
SetCurrentDirectoryA
CreateThread
ResetEvent
TerminateThread
GetVersionExA
LocalFree
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
GetTempPathA
FreeResource
LockResource
SizeofResource
CreateFileA
ReadFile
WriteFile
SetFilePointer
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
GetTempFileNameA
GetSystemInfo
GetDiskFreeSpaceA
GetDriveTypeA
lstrcpynA
GetVolumeInformationA
GetCurrentDirectoryA
LoadLibraryExA
GetCommandLineA
CreateDirectoryA
GlobalFree
FormatMessageA
IsDBCSLeadByte

gdi32

GetDeviceCaps

user32

EndDialog
wsprintfA
ExitWindowsEx
CharNextA
CharUpperA
GetDesktopWindow
SetWindowLongA
GetWindowLongA
CallWindowProcA
GetDlgItem
SetForegroundWindow
SetWindowTextA
SendDlgItemMessageA
EnableWindow
GetDlgItemTextA
SendMessageA
DispatchMessageA
LoadStringA
PeekMessageA
MessageBoxA
CharPrevA
SetWindowPos
ReleaseDC
GetDC
GetWindowRect
ShowWindow
DialogBoxIndirectParamA
SetDlgItemTextA
MessageBeep
MsgWaitForMultipleObjects

comctl32

ord17

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 685KB - Virtual size: 688KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
HSETUP.EXE
.exe windows:4 windows x86 arch:x86

208bd77ce42c2f2815c3279bdb7a44d9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__set_app_type
__p__fmode
_adjust_fdiv
_controlfp
_access
__p__commode
__setusermatherr
_initterm
__getmainargs
__p__acmdln
exit
_XcptFilter
_exit
_mbschr
strtok
_mbsicmp
_mbsrchr
_mbsncpy
_pctype
_isctype
__mb_cur_max
_except_handler3

kernel32

GetStartupInfoA
GetModuleHandleA
_llseek
_lread
_lopen
_lclose
GetModuleFileNameA
LoadLibraryA
GetProcAddress
GetCurrentDirectoryA
GetSystemDirectoryA
lstrcatA
lstrcpyA

user32

wsprintfA
MessageBoxA
LoadStringA

advapi32

RegQueryValueA
RegOpenKeyA
RegCloseKey

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
ITEMCAL.CDX
ITEMCAL.DBF
ITIRCL.DLL
.dll regsvr32 windows:5 windows x86 arch:x86

9b91e45e0621ba5d4a5f87b749fc3ee9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

IsBadReadPtr
IsBadWritePtr
GetACP
GetUserDefaultLCID
GetVersionExA
GlobalReAlloc
DisableThreadLibraryCalls
lstrcatA
DeleteCriticalSection
InitializeCriticalSection
lstrcpyA
HeapFree
GetProcessHeap
HeapAlloc
CloseHandle
GetLastError
lstrcmpiA
GetModuleFileNameA
GetModuleHandleA
InterlockedIncrement
InterlockedDecrement
DebugBreak
EnterCriticalSection
LeaveCriticalSection
lstrlenW
lstrlenA
WideCharToMultiByte
MultiByteToWideChar
GlobalFree
CompareStringA
CompareStringW
GlobalLock
GlobalFlags
CreateFileA
GlobalUnlock
GlobalAlloc
GlobalHandle
MapViewOfFile
OpenFile
lstrcpynA
LocalAlloc
LocalLock
LocalUnlock
LocalFree
UnmapViewOfFile
DeleteFileA
VirtualFree
VirtualAlloc
ReadFile
SetFilePointer
WriteFile
CreateFileMappingA
FlushFileBuffers
GetTempFileNameA
GetFileSize
GetFullPathNameA
GlobalSize
GetCurrentDirectoryA
GetTempPathA
GetWindowsDirectoryA

user32

CharNextA
LoadStringA
GetActiveWindow
GetWindowLongA
CharUpperA
wsprintfA

advapi32

RegEnumKeyExA
RegDeleteKeyA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey

ole32

CoCreateInstance
CoGetClassObject
ReadClassStm
StringFromCLSID
CoTaskMemFree
WriteClassStm

oleaut32

LoadTypeLi
RegisterTypeLi

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ITSS.DLL
.dll regsvr32 windows:5 windows x86 arch:x86

c056cdb62d4c3939adb4f92165de90c7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

ntdll

RtlUnwind

kernel32

SetFileTime
GetFileSize
InitializeCriticalSection
DeleteCriticalSection
GetLocaleInfoA
GetUserDefaultLCID
GetProcAddress
LoadLibraryA
FreeLibrary
GetVersion
lstrcatA
lstrcpyA
lstrlenA
WideCharToMultiByte
GetModuleFileNameA
LeaveCriticalSection
EnterCriticalSection
InterlockedIncrement
InterlockedDecrement
lstrlenW
MultiByteToWideChar
GetACP
GetLastError
GetTempFileNameA
GetTempPathA
CloseHandle
CreateFileA
ReadFile
SetFilePointer
WriteFile
FlushFileBuffers
SetEndOfFile
LockFile
UnlockFile
GetFileTime
SetLastError
InterlockedExchange
RaiseException
VirtualAlloc
HeapAlloc
GetProcessHeap
VirtualFree
HeapFree
GetFileAttributesA
GetFullPathNameA
DeleteFileA
MoveFileExA
GetCurrentDirectoryA
CreateDirectoryA
FindClose
FindFirstFileA
FindNextFileA
ExitProcess
LocalAlloc
LocalReAlloc
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
LocalFree
TerminateProcess
GetCurrentProcess

user32

GetSystemMetrics
CharNextA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KHDOC.DBF
KHITEM.CDX
KHITEM.DBF
KHLEVEL.CDX
KHLEVEL.DBF
KHSELECT.DBF
KHST-H~1.CHM
.chm
LEVELCHK.DBF
LEVELN~1.DBF
MCI32.OCX
.dll regsvr32 windows:4 windows x86 arch:x86

13fa0cf96dc804ea3f3d2f71b1bcf4aa

Code Sign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

winmm

mciGetErrorStringA
sndPlaySoundA
mciSendCommandA

kernel32

CompareStringW
GlobalSize
lstrcmpA
CompareStringA
LockResource
FindResourceA
LoadResource
InterlockedDecrement
GetLastError
HeapReAlloc
GetLocaleInfoA
InterlockedIncrement
GetProcAddress
GetModuleFileNameA
LoadLibraryA
GetWindowsDirectoryA
GetVersion
lstrcatA
lstrcpynA
GlobalAlloc
DisableThreadLibraryCalls
GlobalFree
lstrcpyA
GlobalLock
GlobalUnlock
MultiByteToWideChar
GetFileAttributesA
lstrcmpiA
lstrlenA
WideCharToMultiByte
InitializeCriticalSection
DeleteCriticalSection
FreeLibrary
HeapFree
GetTickCount
lstrlenW
HeapAlloc
LeaveCriticalSection
EnterCriticalSection
GetProcessHeap

user32

ReleaseCapture
SetCursorPos
MapWindowPoints
ScreenToClient
GetClipboardFormatNameA
IsChild
InvalidateRect
UpdateWindow
GetActiveWindow
DialogBoxParamA
GetKeyState
CreateDialogIndirectParamA
SetTimer
EnableWindow
GetClientRect
IsWindowEnabled
SetDlgItemTextA
SetDlgItemInt
CheckDlgButton
EndDialog
GetWindowLongA
SetWindowPos
CreateWindowExA
SetWindowLongA
GetParent
CallWindowProcA
GetDlgCtrlID
GetNextDlgTabItem
IsDialogMessageA
WinHelpA
PtInRect
SetWindowRgn
EndDeferWindowPos
EqualRect
ClientToScreen
DeferWindowPos
GetWindow
MoveWindow
BeginPaint
EndPaint
SetParent
CharNextA
BeginDeferWindowPos
ReleaseDC
UnregisterClassA
DestroyWindow
GetSystemMetrics
RegisterClipboardFormatA
MessageBoxA
wsprintfA
PostMessageA
IsDlgButtonChecked
GetDlgItemTextA
GetDlgItemInt
GetDlgItem
GetCursorPos
IsWindow
ShowWindow
SetCursor
IsWindowVisible
LoadIconA
CopyRect
GetSysColor
DrawIcon
OffsetRect
GetFocus
InflateRect
DrawFocusRect
DefWindowProcA
SetFocus
SendMessageA
FillRect
LoadCursorA
RegisterClassA
KillTimer
LoadStringA
GetWindowRect
GetDC
IntersectRect

ole32

CreateOleAdviseHolder
RevokeDragDrop
CoTaskMemFree
RegisterDragDrop
ReleaseStgMedium
OleSaveToStream
OleLoadFromStream
DoDragDrop
CoCreateInstance
CoTaskMemAlloc

advapi32

RegQueryValueExA
RegDeleteValueA
RegEnumKeyExA
RegQueryValueA
RegOpenKeyA
RegSetValueExA
RegCloseKey
RegDeleteKeyA
RegOpenKeyExA
RegCreateKeyExA

oleaut32

SafeArrayRedim
SafeArrayPutElement
SafeArrayGetElement
SafeArrayCreate
SafeArrayDestroy
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SysStringLen
VariantCopyInd
VariantCopy
VariantInit
CreateErrorInfo
SetErrorInfo
OleCreatePropertyFrame
VariantChangeType
LoadTypeLibEx
UnRegisterTypeLi
LoadTypeLi
RegisterTypeLi
GetErrorInfo
LoadRegTypeLi
OleLoadPicture
SysAllocStringLen
OleTranslateColor
OleCreatePictureIndirect
VariantClear
SysFreeString
SysAllocString
SafeArrayCopy

comdlg32

GetOpenFileNameA
CommDlgExtendedError

gdi32

CreateCompatibleBitmap
CreateCompatibleDC
SetViewportOrgEx
SetMapMode
SetWindowExtEx
DeleteDC
StretchBlt
GetNearestColor
SetViewportExtEx
GetBitmapBits
CreateDIBitmap
CreatePalette
SelectPalette
RealizePalette
GetObjectA
GetPaletteEntries
CreateBitmap
GetDIBits
CopyMetaFileA
CreateDCA
CopyEnhMetaFileA
GetObjectType
DeleteObject
SetWindowOrgEx
GetStockObject
PatBlt
CreateSolidBrush
SelectObject
GetDeviceCaps
RoundRect
GetViewportExtEx
GetWindowExtEx
LPtoDP
CreateRectRgnIndirect

Exports

Exports

DLLGetDocumentation
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 94KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MSCOMCTL.OCX
.dll regsvr32 windows:4 windows x86 arch:x86

2b2ee4e06ab7ae589a670cad99121b44

Code Sign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

CreateThread
LocalReAlloc
GetProfileIntA
RtlMoveMemory
LocalSize
FreeResource
GetCurrentProcessId
MulDiv
GetTickCount
MapViewOfFile
CreateFileMappingA
UnmapViewOfFile
GlobalReAlloc
IsBadReadPtr
Sleep
WaitForSingleObject
GlobalHandle
GetThreadLocale
LocalFree
LocalAlloc
GlobalAddAtomA
SetFilePointer
SetStdHandle
FlushFileBuffers
VirtualAlloc
WriteFile
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetOEMCP
GetACP
GetCPInfo
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
GetCurrentProcess
TerminateProcess
ExitProcess
RtlUnwind
GetCommandLineA
CompareStringW
GlobalSize
CreateFileA
GetFileSize
GlobalUnlock
GlobalLock
ReadFile
CloseHandle
GlobalFree
IsDBCSLeadByte
GetModuleHandleA
FindResourceA
LoadResource
LockResource
GetLastError
GetFileAttributesA
GetVersion
DisableThreadLibraryCalls
GetProcAddress
GetLocaleInfoA
LoadLibraryA
GetWindowsDirectoryA
lstrcatA
GetModuleFileNameA
IsBadWritePtr
lstrcmpiA
GetLocalTime
GetTimeFormatA
GetDateFormatA
lstrcmpA
GlobalAlloc
GetVersionExA
GetCurrentThreadId
MultiByteToWideChar
CompareStringA
lstrcpyA
InterlockedExchange
lstrlenA
GetSystemDefaultLCID
lstrcpynA
HeapAlloc
DeleteCriticalSection
FreeLibrary
HeapFree
WideCharToMultiByte
lstrlenW
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetProcessHeap
InterlockedIncrement
InterlockedDecrement
HeapReAlloc

user32

DrawFocusRect
AdjustWindowRect
DrawFrameControl
TrackPopupMenu
GetMessageA
AdjustWindowRectEx
CopyRect
GetKeyNameTextA
ShowCaret
SetCaretPos
GrayStringA
HideCaret
DestroyCaret
CreateCaret
SetWindowTextA
SetScrollInfo
DrawTextExA
InvertRect
SetRectEmpty
GetShellWindow
SetKeyboardState
GetKeyboardState
GetScrollInfo
GetKeyboardLayout
DestroyCursor
GetUpdateRgn
GetUpdateRect
GetWindowRgn
ValidateRect
CallMsgFilterA
LockWindowUpdate
IsZoomed
GetDesktopWindow
GetIconInfo
GetCursor
GetForegroundWindow
InvalidateRgn
EndDeferWindowPos
EnumChildWindows
GetDoubleClickTime
FindWindowA
GetMessageTime
GetWindowThreadProcessId
RemovePropA
SendNotifyMessageA
SetScrollPos
SetScrollRange
GetWindowTextLengthA
EnableScrollBar
ChildWindowFromPoint
GetDlgItemInt
EndDialog
GetActiveWindow
GetWindow
GetPropA
GetCursorPos
WindowFromPoint
GetClassNameA
GetDlgCtrlID
IsWindow
SetPropA
IsWindowEnabled
IsWindowVisible
UnregisterClassA
CharNextA
MessageBoxA
SetActiveWindow
CheckRadioButton
SetFocus
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
CheckDlgButton
GetDlgItem
GetDCEx
DrawIconEx
CreateIconIndirect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetClipboardFormatNameA
SetCursorPos
RegisterClipboardFormatA
MessageBeep
RegisterWindowMessageA
PeekMessageA
PostMessageW
PeekMessageW
VkKeyScanA
SetParent
CharUpperA
GetDlgItemTextA
SetCursor
CreateDialogIndirectParamA
GetNextDlgTabItem
IsDialogMessageA
ScrollWindowEx
SendDlgItemMessageA
SetWindowRgn
IntersectRect
EqualRect
MoveWindow
BeginPaint
EndPaint
DeferWindowPos
BeginDeferWindowPos
CharNextExA
SetTimer
KillTimer
DrawIcon
DestroyIcon
MapWindowPoints
CreatePopupMenu
AppendMenuA
TrackPopupMenuEx
DestroyMenu
WinHelpA
PtInRect
DefWindowProcA
GetWindowDC
SetRect
LoadCursorA
IsRectEmpty
ClientToScreen
GetWindowRect
MapVirtualKeyA
DestroyWindow
CreateWindowExA
GetSysColorBrush
GetAsyncKeyState
EnableWindow
PostMessageA
TranslateMessage
DispatchMessageA
wsprintfA
DialogBoxParamA
UpdateWindow
GetWindowLongA
SetWindowLongA
GetDC
ReleaseDC
GetParent
OffsetRect
UnionRect
GetFocus
IsChild
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetMessagePos
ScreenToClient
SetWindowPos
SetCapture
GetWindowTextA
WindowFromDC
GetClientRect
CallWindowProcA
DrawEdge
GetSysColor
FrameRect
InflateRect
FillRect
DrawTextA
GetKeyState
GetCapture
ReleaseCapture
GetClassInfoA
RegisterClassA
InvalidateRect
LoadIconA
GetSystemMetrics
CopyImage
SendMessageA
LoadStringA
RedrawWindow
ShowWindow
CreateAcceleratorTableA

ole32

ReleaseStgMedium
DoDragDrop
RegisterDragDrop
RevokeDragDrop
CreateStreamOnHGlobal
OleLoadFromStream
OleSaveToStream
CreateOleAdviseHolder
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance

advapi32

RegDeleteKeyA
RegOpenKeyA
RegQueryValueA
RegQueryValueExA
RegEnumKeyExA
RegCreateKeyA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
RegDeleteValueA

oleaut32

SafeArrayRedim
SafeArrayPutElement
SafeArrayGetElement
SafeArrayCreate
SafeArrayDestroy
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
GetErrorInfo
OleCreateFontIndirect
OleCreatePropertyFrame
LoadTypeLibEx
UnRegisterTypeLi
RegisterTypeLi
CreateErrorInfo
SetErrorInfo
LoadRegTypeLi
LoadTypeLi
VariantChangeTypeEx
SysStringByteLen
SysAllocStringByteLen
OleLoadPicture
SysAllocStringLen
VariantCopy
OleTranslateColor
VariantChangeType
OleCreatePictureIndirect
VariantCopyInd
SysStringLen
SysFreeString
VariantInit
VariantClear
SysAllocString
SafeArrayCopy

comdlg32

GetOpenFileNameA

gdi32

Arc
GetTextExtentPointA
GetCharWidthA
OffsetWindowOrgEx
ExtTextOutW
GetTextExtentPointW
Polyline
GetTextAlign
SetTextAlign
OffsetRgn
GetTextColor
CombineRgn
GetTextMetricsA
MoveToEx
LineTo
Ellipse
DeleteObject
SelectObject
CreateSolidBrush
SetViewportOrgEx
SetWindowOrgEx
SetViewportExtEx
SetWindowExtEx
SetMapMode
GetDeviceCaps
CreateFontIndirectA
GetObjectA
SelectClipRgn
ExcludeClipRect
RectVisible
GetClipBox
IntersectClipRect
GetClipRgn
CreateRectRgnIndirect
RealizePalette
SelectPalette
PatBlt
CreateCompatibleBitmap
CreateBitmap
CreateCompatibleDC
GetTextExtentPoint32A
TextOutA
SetTextColor
SetBkMode
Rectangle
CreatePen
SetBkColor
GetStockObject
GetViewportExtEx
GetWindowExtEx
LPtoDP
DeleteDC
CreateDCA
CreateRectRgn
StretchBlt
CreateICA
CopyMetaFileA
CopyEnhMetaFileA
GetPaletteEntries
GetDIBits
CreateDIBitmap
GetBitmapBits
CreatePalette
GetNearestColor
CreatePatternBrush
CreateDIBSection
CreateHalftonePalette
BitBlt
SetDIBColorTable
GetDIBColorTable
GetPixel
StretchDIBits
SetBrushOrgEx
GetBkColor
ExtTextOutA
RestoreDC
SaveDC
CreateFontA

Exports

Exports

DLLGetDocumentation
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 685KB - Virtual size: 684KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 279KB - Virtual size: 278KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MSSETUP.DLL
.dll windows:1 windows x86 arch:x86

9f91a6d65da7fff6bdb420d66d40fac0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

RemoveDirectoryA
SetCurrentDirectoryA
GetCurrentDirectoryA
SetFileAttributesA
GetFileAttributesA
FindClose
FindNextFileA
FindFirstFileA
CreateDirectoryA
GetCurrentThreadId
lstrcmpiA
GetProfileStringA
GlobalAddAtomA
GlobalDeleteAtom
IsBadReadPtr
GetVersion
GlobalFree
GlobalAlloc
LoadResource
SizeofResource
FindResourceA
DeviceIoControl
GetDriveTypeA
GetFileTime
FreeLibrary
GetProcAddress
LoadLibraryA
GetVolumeInformationA
ReadFile
FileTimeToLocalFileTime
GetLocaleInfoA
WritePrivateProfileStringA
WriteProfileStringA
GetPrivateProfileStringA
GetModuleFileNameA
GlobalLock
GlobalHandle
GlobalReAlloc
GetCurrentProcess
ReleaseMutex
CreateMutexA
GetShortPathNameA
OpenMutexA
GetSystemInfo
GetWindowsDirectoryA
GetSystemDirectoryA
GetEnvironmentVariableA
CreateFileA
SearchPathA
CreateFileMappingA
MapViewOfFile
RtlMoveMemory
FlushViewOfFile
GetSystemTime
SystemTimeToFileTime
SetFileTime
LocalAlloc
GetFileSize
UnmapViewOfFile
CloseHandle
LocalFree
GetTempPathA
FileTimeToDosDateTime
DeleteFileA
MoveFileExA
GetTempFileNameA
MoveFileA
LocalFileTimeToFileTime
GetLastError
DosDateTimeToFileTime
IsDBCSLeadByte
lstrcatA
SetErrorMode
lstrcpyA
GetTickCount
lstrcmpA
WriteFile
lstrlenA
SetFilePointer
GetDiskFreeSpaceA
CompareStringW
GetTimeZoneInformation
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetOEMCP
GetACP
GetCPInfo
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetCurrentProcessId
VirtualAlloc
VirtualFree
HeapCreate
CompareStringA
HeapReAlloc
HeapDestroy
LCMapStringW
LCMapStringA
TerminateProcess
RtlZeroMemory
MultiByteToWideChar
GetStringTypeW
ExitProcess
WideCharToMultiByte
GetModuleHandleA
GetStringTypeA
HeapFree
HeapAlloc
GetCommandLineA
SetEnvironmentVariableA
FileTimeToSystemTime
GetFullPathNameA
RtlUnwind
OpenFile
GetLocalTime
SetUnhandledExceptionFilter
IsBadWritePtr
IsBadCodePtr
lstrcpynA

advapi32

RegQueryInfoKeyA
RegQueryValueA
RegFlushKey
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegCloseKey
RegDeleteValueA
RegDeleteKeyA
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegOpenKeyExA

user32

SetWindowWord
GetWindowWord
EnableWindow
SetWindowTextA
MapDialogRect
SetWindowPos
SendDlgItemMessageA
ShowWindow
AppendMenuA
DeleteMenu
GetSystemMenu
LoadIconA
CreateWindowExA
SendNotifyMessageA
GetDialogBaseUnits
MessageBoxA
DialogBoxParamA
CopyRect
EndDialog
RemoveMenu
DrawIcon
SetRect
DdeUninitialize
DdeDisconnect
DdeInitializeA
DdeFreeStringHandle
DdeConnect
DdeCreateStringHandleA
DdeFreeDataHandle
SetFocus
GetDlgItem
PostMessageA
DdeGetLastError
ExitWindowsEx
IsWindow
LoadBitmapA
GetLastActivePopup
UnregisterClassA
CreateDialogParamA
GetMessageA
GetKeyState
SendMessageA
SetWindowLongA
SetPropA
GetPropA
PeekMessageA
TranslateMessage
DispatchMessageA
IsDialogMessageA
CharUpperBuffA
CharUpperA
MessageBeep
UpdateWindow
WinHelpA
CharPrevA
GetActiveWindow
SetActiveWindow
LoadCursorA
SetCursor
LoadStringA
DestroyWindow
SetDlgItemTextA
ShowCursor
GetSystemMetrics
RegisterClassA
CharNextA
wsprintfA
GetCursor
ShowCaret
HideCaret
MapWindowPoints
ExcludeUpdateRgn
BeginPaint
EndPaint
IsWindowEnabled
GetWindowTextA
ClientToScreen
IntersectRect
DrawTextA
GetFocus
ScreenToClient
DrawFocusRect
GetClassNameA
CallNextHookEx
InvalidateRect
GetClassInfoA
DdeAccessData
DefWindowProcA
GetWindowDC
GetWindowRect
InflateRect
OffsetRect
ReleaseDC
GetWindowLongA
GetWindow
IsChild
SetWindowsHookExA
UnhookWindowsHookEx
GetClientRect
RemovePropA
CallWindowProcA
DdeClientTransaction
DdeUnaccessData
GetDC
GetSysColor
GetParent
OemToCharA

gdi32

DeleteObject
ExtTextOutA
IntersectClipRect
SetBkColor
GetTextMetricsA
SetTextColor
GetTextExtentPointA
GetDeviceCaps
CreateSolidBrush
SelectObject
BitBlt
CreateCompatibleDC
DeleteDC
CreateDIBitmap
GetNearestColor
SetBkMode
GetStockObject
GetObjectA
PatBlt

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
VerFindFileA

lz32

LZOpenFileA
LZCopy
LZClose

Exports

Exports

AddLineToRestartFile
AddListItem
AddSectionFilesToCopyList
AddSectionKeyFileToCopyList
AddShareToAutoexec
AddSpecialFileToCopyList
AddToBillboardList
BindImage
BtnWndProc3d
CbGetListItem
CbGetSymbolValue
CbReadFile
CbStrCopyToBuffer
CbWriteFile
CleanupTrap
ClearBillboardList
ClearCopyList
ComboWndProc3d
CompareFileVersions
CopyFile
CopyFilesInCopyList
CrcStringCompare
CrcStringCompareI
CreateDir
CreateIniKeyValue
CreateProgmanGroup
CreateProgmanItem
CreateSysIniKeyValue
Ctl3dAutoSubclass
Ctl3dColorChange
Ctl3dCtlColor
Ctl3dCtlColorEx
Ctl3dDlgFramePaint
Ctl3dDlgProc
Ctl3dEnabled
Ctl3dGetVer
Ctl3dRegister
Ctl3dSetStyle
Ctl3dSubclassCtl
Ctl3dSubclassDlg
Ctl3dSubclassDlgEx
Ctl3dUnregister
Ctl3dWinIniChange
DBCS_fullpath
DBCS_splitpath
DebugMessagesOn
DeleteProgmanGroup
DeleteProgmanItem
DeleteRegKeyValue32
DoMsgBox
DoesDirExist
DoesFileExist
DoesInfSectionExist
DoesInfSectionKeyExist
DoesIniKeyExist
DoesIniSectionExist
DoesSysIniKeyValueExist
DriveNumToRootPath
EditWndProc3d
EercErrorHandler
EercFindHddiFloppy
EercOpenFile
EercOpenSrcFile
EercOpenSrcFileEx
EercReadSrcFile
EercWriteSrcFile
EnableIME
EndSetupToolkit
EnsurePathExists
ExitExecRestart
FAddLineToRestartFile
FAddListItem
FAddSymbolValueToSymTab
FChmodFile
FCloseFile
FCloseHelp
FCloseLogFile
FCloseSrcFile
FDisplaySystemMsg
FFileExist
FFree
FGetKeyInfo
FGstGenericDlgProc
FGstGenericHelpDlgProc
FHasInfBeenOpened
FInstRemoveableDrive
FLanguageMismatchInf
FLogOpen
FLongFileNamesSuppressed
FMakeFATPathFromDirAndSubPath
FMsgBoxDlgProc
FOpenLogFile
FReadResource
FRegCloseKey
FRegCreateKey32
FRemoveOurDir
FRemoveSymbol
FSetSymbolValue
FStampResource
FValidFilePath
FWriteToLogFile
FailAssert
FailRTChkArg
FindFileInTree
FindFileUsingFileOpen
FindTargetOnEnvVar
ForceNewDialog
ForceRestartOff
ForceRestartOn
FrameWndProc
GetCopyListCost
GetDOSMajorVersion
GetDOSMinorVersion
GetEnvVariableValue
GetExistingFOTFileForTTF
GetFreeSpaceForDrive
GetIniKeyString
GetListItem
GetListLength
GetNetworkDrivesList
GetNthFieldFromIniString
GetProcessorType
GetRegKeyValue32
GetRegKeyValue32Ex
GetScreenHeight
GetScreenWidth
GetSectionKeyDate
GetSectionKeyFilename
GetSectionKeySize
GetSectionKeyVersion
GetSilentMode
GetSizeOfFile
GetSymbolValue
GetTotalSpaceForDrive
GetTypeFaceNameFromTTF
GetVersionNthField
GetVersionOfFile
GetWindowsDirPath
GetWindowsMajorVersion
GetWindowsMinorVersion
GetWindowsMode
GetWindowsSysDir
HandleOOM
HdlgShowHelp
HinstFrame
HmodUIHookDll
HwndFrame
InitIME
InitLongFileNames
InitSetupToolkit
IsAdminMode
IsCtl3dEnabled
IsDirWritable
IsDriveLocalHard
IsDriveNetwork
IsDriveRemovable
IsDriverInConfig
IsFileInUseBySystem
IsFileWritable
IsWindows
IsWindowsDBCS
IsWindowsJapanese
IsWindowsShared
LfaSeekFile
ListWndProc3d
LogMessageId
LogValidate
MBIconProc
MakeListFromProgmanGroups
MakeListFromSectionDate
MakeListFromSectionFilename
MakeListFromSectionKeys
MakeListFromSectionSize
MakeListFromSectionVersion
OpenIME
PbAlloc
PbRealloc
PrependToPath
ProBarProc
ProDlgProc
ProcessDebugMessage
ProcessMessage
ProcessMessageId
PsdleFromDid
ReactivateSetupScript
ReadInfFile
RemoveDir
RemoveFile
RemoveIniKey
RemoveIniSection
RemoveSectionFilesToCopyList
RemoveSectionKeyFileToCopyList
RemoveSpecialFileToCopyList
RemoveSymbol
RenameFile
ReplaceListItem
ResponseFile
RestartListEmpty
RestoreCursor
STF_AddLineToRestartFile
STF_AddListItem
STF_AddSectionFilesToCopyList
STF_AddSectionKeyFileToCopyList
STF_AddShareToAutoexec
STF_AddSpecialFileToCopyList
STF_AddToBillboardList
STF_ClearBillboardList
STF_CopyFile
STF_CopyFilesInCopyList
STF_CreateDir
STF_CreateIniKeyValue
STF_CreateProgmanGroup
STF_CreateProgmanItem
STF_DoesDirExist
STF_DoesInfSectionExist
STF_DoesInfSectionKeyExist
STF_DoesIniKeyExist
STF_DoesIniSectionExist
STF_FindFileInTree
STF_FindFileUsingFileOpen
STF_FindTargetOnEnvVar
STF_ForceNewDialog
STF_GetCopyListCost
STF_GetExistingFOTFileForTTF
STF_GetFreeSpaceForDrive
STF_GetIniKeyString
STF_GetListItem
STF_GetListLength
STF_GetNetworkDrivesList
STF_GetNthFieldFromIniString
STF_GetSectionKeyDate
STF_GetSectionKeyFilename
STF_GetSectionKeySize
STF_GetSectionKeyVersion
STF_GetSizeOfFile
STF_GetSymbolValue
STF_GetTotalSpaceForDrive
STF_GetTypeFaceNameFromTTF
STF_GetVersionNthField
STF_GetVersionOfFile
STF_GetWindowsDirPath
STF_GetWindowsSysDir
STF_InitSetupToolkit
STF_IsDirWritable
STF_IsDriveLocalHard
STF_IsDriveNetwork
STF_IsDriveRemovable
STF_IsFileInUseBySystem
STF_IsFileWritable
STF_IsWindowsShared
STF_MakeListFromProgmanGroups
STF_MakeListFromSectionDate
STF_MakeListFromSectionFilename
STF_MakeListFromSectionKeys
STF_MakeListFromSectionSize
STF_MakeListFromSectionVersion
STF_PrependToPath
STF_ReadInfFile
STF_RemoveDir
STF_RemoveFile
STF_RemoveIniKey
STF_RemoveIniSection
STF_RemoveSectionFilesToCopyList
STF_RemoveSectionKeyFileToCopyList
STF_RemoveSpecialFileToCopyList
STF_RemoveSymbol
STF_RenameFile
STF_RestoreCursor
STF_SetAbout
STF_SetBitmap
STF_SetRestartDir
STF_SetSymbolValue
STF_ShowProgmanGroup
STF_StampResource
STF_UIPop
STF_UIPopAll
STF_UIStartDlg
STF_UIStartExeDlg
STF_UIStartExeDlgWinHelp
SetAbout
SetAcmeInst
SetAdminMode
SetBitmap
SetCopyGaugePosition
SetErrorParam
SetErrorParamChar
SetErrorParamConst
SetErrorParamCopy
SetErrorParamInt
SetFEFontProc
SetLastSetupErrMsg
SetPassInfo
SetRegKeyValue32
SetRegKeyValue32Ex
SetRestartDir
SetSilentMode
SetSizeCheckMode
SetSymbolValue
SetTitle
SetupApiErr
ShowProgmanGroup
ShowWaitCursor
StampResource
StaticWndProc3d
SuppressLongFileNames
SzFindSymbolValueInSymTab
SzGetLastSetupErrMsg
SzLastChar
TermIME
UIPop
UIPopAll
UIStartDlg
UIStartExeDlg
UIStartExeDlgWinHelp
UiFindSrcFileName
UiPromptForDisk
UsGetListLength
Validate
WriteLogDivider
fnText

Sections

.text
Size: 195KB - Virtual size: 194KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.expo
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 11KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MSVCRT.DLL
.dll windows:4 windows x86 arch:x86

f325e1ae915b98bc4702bb3efa8aea4a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

Sleep
RtlUnwind
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
SetUnhandledExceptionFilter
GetModuleFileNameA
GetModuleFileNameW
ExitProcess
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetCommandLineA
GetVersion
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetLastError
ResumeThread
CreateThread
TlsSetValue
ExitThread
CloseHandle
GetCurrentThreadId
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetCurrentThread
FindNextFileA
FindFirstFileA
FindClose
FindNextFileW
FindFirstFileW
HeapFree
HeapAlloc
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
SetHandleCount
GetFileType
GetStartupInfoA
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
MultiByteToWideChar
GetCommandLineW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
UnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetConsoleCtrlHandler
SetEnvironmentVariableW
InterlockedDecrement
InterlockedIncrement
FlushFileBuffers
SetFilePointer
SetStdHandle
RaiseException
CompareStringA
CompareStringW
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetVersionExA
GetLocaleInfoW
GetTimeZoneInformation
SetEnvironmentVariableA
Beep
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDiskFreeSpaceA
GetLogicalDrives
SetErrorMode
GetFileAttributesA
GetCurrentDirectoryA
SetCurrentDirectoryA
SetFileAttributesA
GetFullPathNameA
GetDriveTypeA
GetCurrentProcessId
CreateDirectoryA
RemoveDirectoryA
DeleteFileA
GetFileAttributesW
GetCurrentDirectoryW
SetCurrentDirectoryW
SetFileAttributesW
GetFullPathNameW
CreateDirectoryW
DeleteFileW
MoveFileW
RemoveDirectoryW
GetDriveTypeW
MoveFileA
GetExitCodeProcess
WaitForSingleObject
FreeLibrary
CreateProcessA
CreateProcessW
HeapValidate
HeapCompact
HeapWalk
HeapSize
ReadConsoleA
SetConsoleMode
GetConsoleMode
SetEndOfFile
WriteConsoleA
DuplicateHandle
GetFileInformationByHandle
PeekNamedPipe
ReadConsoleInputA
PeekConsoleInputA
GetNumberOfConsoleInputEvents
LockFile
UnlockFile
CreateFileA
CreatePipe
ReadFile
CreateFileW
GetSystemTimeAsFileTime
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
GetLocalTime
SetLocalTime
GetSystemTime
GetModuleHandleA

Exports

Exports

$I10_OUTPUT
??0__non_rtti_object@@QAE@ABV0@@Z
??0__non_rtti_object@@QAE@PBD@Z
??0bad_cast@@QAE@ABQBD@Z
??0bad_cast@@QAE@ABV0@@Z
??0bad_typeid@@QAE@ABV0@@Z
??0bad_typeid@@QAE@PBD@Z
??0exception@@QAE@ABQBD@Z
??0exception@@QAE@ABV0@@Z
??0exception@@QAE@XZ
??1__non_rtti_object@@UAE@XZ
??1bad_cast@@UAE@XZ
??1bad_typeid@@UAE@XZ
??1exception@@UAE@XZ
??1type_info@@UAE@XZ
??2@YAPAXI@Z
??3@YAXPAX@Z
??4__non_rtti_object@@QAEAAV0@ABV0@@Z
??4bad_cast@@QAEAAV0@ABV0@@Z
??4bad_typeid@@QAEAAV0@ABV0@@Z
??4exception@@QAEAAV0@ABV0@@Z
??8type_info@@QBEHABV0@@Z
??9type_info@@QBEHABV0@@Z
??_7__non_rtti_object@@6B@
??_7bad_cast@@6B@
??_7bad_typeid@@6B@
??_7exception@@6B@
??_E__non_rtti_object@@UAEPAXI@Z
??_Ebad_cast@@UAEPAXI@Z
??_Ebad_typeid@@UAEPAXI@Z
??_Eexception@@UAEPAXI@Z
??_G__non_rtti_object@@UAEPAXI@Z
??_Gbad_cast@@UAEPAXI@Z
??_Gbad_typeid@@UAEPAXI@Z
??_Gexception@@UAEPAXI@Z
?_query_new_handler@@YAP6AHI@ZXZ
?_query_new_mode@@YAHXZ
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
?_set_new_mode@@YAHH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
?before@type_info@@QBEHABV1@@Z
?name@type_info@@QBEPBDXZ
?raw_name@type_info@@QBEPBDXZ
?set_new_handler@@YAP6AXXZP6AXXZ@Z
?set_terminate@@YAP6AXXZP6AXXZ@Z
?set_unexpected@@YAP6AXXZP6AXXZ@Z
?terminate@@YAXXZ
?unexpected@@YAXXZ
?what@exception@@UBEPBDXZ
_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
_CIfmod
_CIlog
_CIlog10
_CIpow
_CIsin
_CIsinh
_CIsqrt
_CItan
_CItanh
_CxxThrowException
_EH_prolog
_Getdays
_Getmonths
_Gettnames
_HUGE
_Strftime
_XcptFilter
__CxxFrameHandler
__CxxLongjmpUnwind
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__STRINGTOLD
__argc
__argv
__badioinfo
__crtCompareStringA
__crtGetLocaleInfoW
__crtLCMapStringA
__dllonexit
__doserrno
__fpecode
__getmainargs
__initenv
__isascii
__iscsym
__iscsymf
__lc_codepage
__lc_collate_cp
__lc_handle
__lconv_init
__mb_cur_max
__p___argc
__p___argv
__p___initenv
__p___mb_cur_max
__p___wargv
__p___winitenv
__p__acmdln
__p__amblksiz
__p__commode
__p__daylight
__p__dstbias
__p__environ
__p__fileinfo
__p__fmode
__p__iob
__p__mbcasemap
__p__mbctype
__p__osver
__p__pctype
__p__pgmptr
__p__pwctype
__p__timezone
__p__tzname
__p__wcmdln
__p__wenviron
__p__winmajor
__p__winminor
__p__winver
__p__wpgmptr
__pioinfo
__pxcptinfoptrs
__set_app_type
__setlc_active
__setusermatherr
__threadhandle
__threadid
__toascii
__unDName
__unDNameEx
__unguarded_readlc_active
__wargv
__wgetmainargs
__winitenv
_abnormal_termination
_access
_acmdln
_adj_fdiv_m16i
_adj_fdiv_m32
_adj_fdiv_m32i
_adj_fdiv_m64
_adj_fdiv_r
_adj_fdivr_m16i
_adj_fdivr_m32
_adj_fdivr_m32i
_adj_fdivr_m64
_adj_fpatan
_adj_fprem
_adj_fprem1
_adj_fptan
_adjust_fdiv
_aexit_rtn
_amsg_exit
_assert
_atodbl
_atoi64
_atoldbl
_beep
_beginthread
_beginthreadex
_c_exit
_cabs
_callnewh
_cexit
_cgets
_chdir
_chdrive
_chgsign
_chkesp
_chmod
_chsize
_clearfp
_close
_commit
_commode
_control87
_controlfp
_copysign
_cprintf
_cputs
_creat
_cscanf
_ctype
_cwait
_daylight
_dstbias
_dup
_dup2
_ecvt
_endthread
_endthreadex
_environ
_eof
_errno
_except_handler2
_except_handler3
_execl
_execle
_execlp
_execlpe
_execv
_execve
_execvp
_execvpe
_exit
_expand
_fcloseall
_fcvt
_fdopen
_fgetchar
_fgetwchar
_filbuf
_fileinfo
_filelength
_filelengthi64
_fileno
_findclose
_findfirst
_findfirsti64
_findnext
_findnexti64
_finite
_flsbuf
_flushall
_fmode
_fpclass
_fpieee_flt
_fpreset
_fputchar
_fputwchar
_fsopen
_fstat
_fstati64
_ftime
_ftol
_fullpath
_futime
_gcvt
_get_osfhandle
_get_sbh_threshold
_getch
_getche
_getcwd
_getdcwd
_getdiskfree
_getdllprocaddr
_getdrive
_getdrives
_getmaxstdio
_getmbcp
_getpid
_getsystime
_getw
_getws
_global_unwind2
_heapadd
_heapchk
_heapmin
_heapset
_heapused
_heapwalk
_hypot
_i64toa
_i64tow
_initterm
_inp
_inpd
_inpw
_iob
_isatty
_isctype
_ismbbalnum
_ismbbalpha
_ismbbgraph
_ismbbkalnum
_ismbbkana
_ismbbkprint
_ismbbkpunct
_ismbblead
_ismbbprint
_ismbbpunct
_ismbbtrail
_ismbcalnum
_ismbcalpha
_ismbcdigit
_ismbcgraph
_ismbchira
_ismbckata
_ismbcl0
_ismbcl1
_ismbcl2
_ismbclegal
_ismbclower
_ismbcprint
_ismbcpunct
_ismbcspace
_ismbcsymbol
_ismbcupper
_ismbslead
_ismbstrail
_isnan
_itoa
_itow
_j0
_j1
_jn
_kbhit
_lfind
_loaddll
_local_unwind2
_lock
_locking
_logb
_longjmpex
_lrotl
_lrotr
_lsearch
_lseek
_lseeki64
_ltoa
_ltow
_makepath
_mbbtombc
_mbbtype
_mbcasemap
_mbccpy
_mbcjistojms
_mbcjmstojis
_mbclen
_mbctohira
_mbctokata
_mbctolower
_mbctombb
_mbctoupper
_mbctype
_mbsbtype
_mbscat
_mbschr
_mbscmp
_mbscoll
_mbscpy
_mbscspn
_mbsdec
_mbsdup
_mbsicmp
_mbsicoll
_mbsinc
_mbslen
_mbslwr
_mbsnbcat
_mbsnbcmp
_mbsnbcnt
_mbsnbcoll
_mbsnbcpy
_mbsnbicmp
_mbsnbicoll
_mbsnbset
_mbsncat
_mbsnccnt
_mbsncmp
_mbsncoll
_mbsncpy
_mbsnextc
_mbsnicmp
_mbsnicoll
_mbsninc
_mbsnset
_mbspbrk
_mbsrchr
_mbsrev
_mbsset
_mbsspn
_mbsspnp
_mbsstr
_mbstok
_mbstrlen
_mbsupr
_memccpy
_memicmp
_mkdir
_mktemp
_msize
_nextafter
_onexit
_open
_open_osfhandle
_osver
_outp
_outpd
_outpw
_pclose
_pctype
_pgmptr
_pipe
_popen
_purecall
_putch
_putenv
_putw
_putws
_pwctype
_read
_rmdir
_rmtmp
_rotl
_rotr
_safe_fdiv
_safe_fdivr
_safe_fprem
_safe_fprem1
_scalb
_searchenv
_seh_longjmp_unwind
_set_error_mode
_set_sbh_threshold
_seterrormode
_setjmp
_setjmp3
_setmaxstdio
_setmbcp
_setmode
_setsystime
_sleep
_snprintf
_snwprintf
_sopen
_spawnl
_spawnle
_spawnlp
_spawnlpe
_spawnv
_spawnve
_spawnvp
_spawnvpe
_splitpath
_stat
_stati64
_statusfp
_strcmpi
_strdate
_strdup
_strerror
_stricmp
_stricoll
_strlwr
_strncoll
_strnicmp
_strnicoll
_strnset
_strrev
_strset
_strtime
_strupr
_swab
_sys_errlist
_sys_nerr
_tell
_telli64
_tempnam
_timezone
_tolower
_toupper
_tzname
_tzset
_ui64toa
_ui64tow
_ultoa
_ultow
_umask
_ungetch
_unlink
_unloaddll
_unlock
_utime
_vsnprintf
_vsnwprintf
_waccess
_wasctime
_wchdir
_wchmod
_wcmdln
_wcreat
_wcsdup
_wcsicmp
_wcsicoll
_wcslwr
_wcsncoll
_wcsnicmp
_wcsnicoll
_wcsnset
_wcsrev
_wcsset
_wcsupr

Sections

.text
Size: 176KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MSVCRT40.DLL
.dll windows:4 windows x86 arch:x86

57259dcda30c27e977785c33a8441434

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

IsValidLocale
RtlUnwind
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetModuleFileNameA
GetModuleFileNameW
ExitProcess
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetCommandLineA
GetProcAddress
GetModuleHandleA
GetVersion
ResumeThread
GetLastError
CreateThread
TlsSetValue
ExitThread
CloseHandle
GetCurrentThreadId
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetCurrentThread
FindClose
FindNextFileA
FindFirstFileA
FindNextFileW
FindFirstFileW
HeapFree
HeapAlloc
HeapCreate
HeapDestroy
ReadFile
SetFilePointer
SetHandleCount
GetFileType
GetStartupInfoA
CreateFileA
SetStdHandle
SetEndOfFile
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
MultiByteToWideChar
GetCommandLineW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
UnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
Sleep
LCMapStringA
LCMapStringW
SetConsoleCtrlHandler
SetEnvironmentVariableW
RaiseException
IsValidCodePage
GetUserDefaultLCID
GetLocaleInfoA
GetLocaleInfoW
GetTimeZoneInformation
HeapReAlloc
HeapSize
FlushFileBuffers
CompareStringA
CompareStringW
SetEnvironmentVariableA
Beep
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDiskFreeSpaceA
GetLogicalDrives
SetErrorMode
GetFileAttributesA
GetCurrentDirectoryA
SetCurrentDirectoryA
SetFileAttributesA
GetFullPathNameA
GetDriveTypeA
GetCurrentProcessId
CreateDirectoryA
RemoveDirectoryA
DeleteFileA
GetFileAttributesW
GetCurrentDirectoryW
SetCurrentDirectoryW
SetFileAttributesW
GetFullPathNameW
CreateDirectoryW
DeleteFileW
MoveFileW
RemoveDirectoryW
GetDriveTypeW
MoveFileA
GetExitCodeProcess
WaitForSingleObject
FreeLibrary
CreateProcessA
CreateProcessW
HeapValidate
HeapUnlock
HeapWalk
HeapLock
HeapCompact
ReadConsoleA
SetConsoleMode
GetConsoleMode
WriteConsoleA
DuplicateHandle
GetFileInformationByHandle
PeekNamedPipe
ReadConsoleInputA
PeekConsoleInputA
GetNumberOfConsoleInputEvents
LockFile
UnlockFile
CreatePipe
CreateFileW
GetLocalTime
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
SetLocalTime
GetSystemTime

Exports

Exports

$I10_OUTPUT
??0Iostream_init@@QAE@AAVios@@H@Z
??0Iostream_init@@QAE@XZ
??0__non_rtti_object@@QAE@ABV0@@Z
??0__non_rtti_object@@QAE@PBD@Z
??0bad_cast@@QAE@ABQBD@Z
??0bad_cast@@QAE@ABV0@@Z
??0bad_typeid@@QAE@ABV0@@Z
??0bad_typeid@@QAE@PBD@Z
??0exception@@QAE@ABQBD@Z
??0exception@@QAE@ABV0@@Z
??0exception@@QAE@XZ
??0filebuf@@QAE@ABV0@@Z
??0filebuf@@QAE@H@Z
??0filebuf@@QAE@HPADH@Z
??0filebuf@@QAE@XZ
??0fstream@@QAE@ABV0@@Z
??0fstream@@QAE@H@Z
??0fstream@@QAE@HPADH@Z
??0fstream@@QAE@PBDHH@Z
??0fstream@@QAE@XZ
??0ifstream@@QAE@ABV0@@Z
??0ifstream@@QAE@H@Z
??0ifstream@@QAE@HPADH@Z
??0ifstream@@QAE@PBDHH@Z
??0ifstream@@QAE@XZ
??0ios@@IAE@ABV0@@Z
??0ios@@IAE@XZ
??0ios@@QAE@PAVstreambuf@@@Z
??0iostream@@IAE@ABV0@@Z
??0iostream@@IAE@XZ
??0iostream@@QAE@PAVstreambuf@@@Z
??0istream@@IAE@ABV0@@Z
??0istream@@IAE@XZ
??0istream@@QAE@PAVstreambuf@@@Z
??0istream_withassign@@QAE@ABV0@@Z
??0istream_withassign@@QAE@PAVstreambuf@@@Z
??0istream_withassign@@QAE@XZ
??0istrstream@@QAE@ABV0@@Z
??0istrstream@@QAE@PAD@Z
??0istrstream@@QAE@PADH@Z
??0logic_error@@QAE@ABQBD@Z
??0logic_error@@QAE@ABV0@@Z
??0ofstream@@QAE@ABV0@@Z
??0ofstream@@QAE@H@Z
??0ofstream@@QAE@HPADH@Z
??0ofstream@@QAE@PBDHH@Z
??0ofstream@@QAE@XZ
??0ostream@@IAE@ABV0@@Z
??0ostream@@IAE@XZ
??0ostream@@QAE@PAVstreambuf@@@Z
??0ostream_withassign@@QAE@ABV0@@Z
??0ostream_withassign@@QAE@PAVstreambuf@@@Z
??0ostream_withassign@@QAE@XZ
??0ostrstream@@QAE@ABV0@@Z
??0ostrstream@@QAE@PADHH@Z
??0ostrstream@@QAE@XZ
??0stdiobuf@@QAE@ABV0@@Z
??0stdiobuf@@QAE@PAU_iobuf@@@Z
??0stdiostream@@QAE@ABV0@@Z
??0stdiostream@@QAE@PAU_iobuf@@@Z
??0streambuf@@IAE@PADH@Z
??0streambuf@@IAE@XZ
??0streambuf@@QAE@ABV0@@Z
??0strstream@@QAE@ABV0@@Z
??0strstream@@QAE@PADHH@Z
??0strstream@@QAE@XZ
??0strstreambuf@@QAE@ABV0@@Z
??0strstreambuf@@QAE@H@Z
??0strstreambuf@@QAE@P6APAXJ@ZP6AXPAX@Z@Z
??0strstreambuf@@QAE@PADH0@Z
??0strstreambuf@@QAE@XZ
??1Iostream_init@@QAE@XZ
??1__non_rtti_object@@UAE@XZ
??1bad_cast@@UAE@XZ
??1bad_typeid@@UAE@XZ
??1exception@@UAE@XZ
??1filebuf@@UAE@XZ
??1fstream@@UAE@XZ
??1ifstream@@UAE@XZ
??1ios@@UAE@XZ
??1iostream@@UAE@XZ
??1istream@@UAE@XZ
??1istream_withassign@@UAE@XZ
??1istrstream@@UAE@XZ
??1logic_error@@UAE@XZ
??1ofstream@@UAE@XZ
??1ostream@@UAE@XZ
??1ostream_withassign@@UAE@XZ
??1ostrstream@@UAE@XZ
??1stdiobuf@@UAE@XZ
??1stdiostream@@UAE@XZ
??1streambuf@@UAE@XZ
??1strstream@@UAE@XZ
??1strstreambuf@@UAE@XZ
??1type_info@@UAE@XZ
??2@YAPAXI@Z
??3@YAXPAX@Z
??4Iostream_init@@QAEAAV0@ABV0@@Z
??4__non_rtti_object@@QAEAAV0@ABV0@@Z
??4bad_cast@@QAEAAV0@ABV0@@Z
??4bad_typeid@@QAEAAV0@ABV0@@Z
??4exception@@QAEAAV0@ABV0@@Z
??4filebuf@@QAEAAV0@ABV0@@Z
??4fstream@@QAEAAV0@AAV0@@Z
??4ifstream@@QAEAAV0@ABV0@@Z
??4ios@@IAEAAV0@ABV0@@Z
??4iostream@@IAEAAV0@AAV0@@Z
??4iostream@@IAEAAV0@PAVstreambuf@@@Z
??4istream@@IAEAAV0@ABV0@@Z
??4istream@@IAEAAV0@PAVstreambuf@@@Z
??4istream_withassign@@QAEAAV0@ABV0@@Z
??4istream_withassign@@QAEAAVistream@@ABV1@@Z
??4istream_withassign@@QAEAAVistream@@PAVstreambuf@@@Z
??4istrstream@@QAEAAV0@ABV0@@Z
??4logic_error@@QAEAAV0@ABV0@@Z
??4ofstream@@QAEAAV0@ABV0@@Z
??4ostream@@IAEAAV0@ABV0@@Z
??4ostream@@IAEAAV0@PAVstreambuf@@@Z
??4ostream_withassign@@QAEAAV0@ABV0@@Z
??4ostream_withassign@@QAEAAVostream@@ABV1@@Z
??4ostream_withassign@@QAEAAVostream@@PAVstreambuf@@@Z
??4ostrstream@@QAEAAV0@ABV0@@Z
??4stdiobuf@@QAEAAV0@ABV0@@Z
??4stdiostream@@QAEAAV0@AAV0@@Z
??4streambuf@@QAEAAV0@ABV0@@Z
??4strstream@@QAEAAV0@AAV0@@Z
??4strstreambuf@@QAEAAV0@ABV0@@Z
??5istream@@QAEAAV0@AAC@Z
??5istream@@QAEAAV0@AAD@Z
??5istream@@QAEAAV0@AAE@Z
??5istream@@QAEAAV0@AAF@Z
??5istream@@QAEAAV0@AAG@Z
??5istream@@QAEAAV0@AAH@Z
??5istream@@QAEAAV0@AAI@Z
??5istream@@QAEAAV0@AAJ@Z
??5istream@@QAEAAV0@AAK@Z
??5istream@@QAEAAV0@AAM@Z
??5istream@@QAEAAV0@AAN@Z
??5istream@@QAEAAV0@AAO@Z
??5istream@@QAEAAV0@P6AAAV0@AAV0@@Z@Z
??5istream@@QAEAAV0@P6AAAVios@@AAV1@@Z@Z
??5istream@@QAEAAV0@PAC@Z
??5istream@@QAEAAV0@PAD@Z
??5istream@@QAEAAV0@PAE@Z
??5istream@@QAEAAV0@PAVstreambuf@@@Z
??6ostream@@QAEAAV0@C@Z
??6ostream@@QAEAAV0@D@Z
??6ostream@@QAEAAV0@E@Z
??6ostream@@QAEAAV0@F@Z
??6ostream@@QAEAAV0@G@Z
??6ostream@@QAEAAV0@H@Z
??6ostream@@QAEAAV0@I@Z
??6ostream@@QAEAAV0@J@Z
??6ostream@@QAEAAV0@K@Z
??6ostream@@QAEAAV0@M@Z
??6ostream@@QAEAAV0@N@Z
??6ostream@@QAEAAV0@O@Z
??6ostream@@QAEAAV0@P6AAAV0@AAV0@@Z@Z
??6ostream@@QAEAAV0@P6AAAVios@@AAV1@@Z@Z
??6ostream@@QAEAAV0@PAVstreambuf@@@Z
??6ostream@@QAEAAV0@PBC@Z
??6ostream@@QAEAAV0@PBD@Z
??6ostream@@QAEAAV0@PBE@Z
??6ostream@@QAEAAV0@PBX@Z
??7ios@@QBEHXZ
??8type_info@@QBEHABV0@@Z
??9type_info@@QBEHABV0@@Z
??Bios@@QBEPAXXZ
??_7__non_rtti_object@@6B@
??_7bad_cast@@6B@
??_7bad_typeid@@6B@
??_7exception@@6B@
??_7filebuf@@6B@
??_7fstream@@6B@
??_7ifstream@@6B@
??_7ios@@6B@
??_7iostream@@6B@
??_7istream@@6B@
??_7istream_withassign@@6B@
??_7istrstream@@6B@
??_7logic_error@@6B@
??_7ofstream@@6B@
??_7ostream@@6B@
??_7ostream_withassign@@6B@
??_7ostrstream@@6B@
??_7stdiobuf@@6B@
??_7stdiostream@@6B@
??_7streambuf@@6B@
??_7strstream@@6B@
??_7strstreambuf@@6B@
??_8fstream@@7Bistream@@@
??_8fstream@@7Bostream@@@
??_8ifstream@@7B@
??_8iostream@@7Bistream@@@
??_8iostream@@7Bostream@@@
??_8istream@@7B@
??_8istream_withassign@@7B@
??_8istrstream@@7B@
??_8ofstream@@7B@
??_8ostream@@7B@
??_8ostream_withassign@@7B@
??_8ostrstream@@7B@
??_8stdiostream@@7Bistream@@@
??_8stdiostream@@7Bostream@@@
??_8strstream@@7Bistream@@@
??_8strstream@@7Bostream@@@
??_Dfstream@@QAEXXZ
??_Difstream@@QAEXXZ
??_Diostream@@QAEXXZ
??_Distream@@QAEXXZ
??_Distream_withassign@@QAEXXZ
??_Distrstream@@QAEXXZ
??_Dofstream@@QAEXXZ
??_Dostream@@QAEXXZ
??_Dostream_withassign@@QAEXXZ
??_Dostrstream@@QAEXXZ
??_Dstdiostream@@QAEXXZ
??_Dstrstream@@QAEXXZ
??_EIostream_init@@QAEPAXI@Z
??_E__non_rtti_object@@UAEPAXI@Z
??_Ebad_cast@@UAEPAXI@Z
??_Ebad_typeid@@UAEPAXI@Z
??_Eexception@@UAEPAXI@Z
??_Efilebuf@@UAEPAXI@Z
??_Efstream@@UAEPAXI@Z
??_Eifstream@@UAEPAXI@Z
??_Eios@@UAEPAXI@Z
??_Eiostream@@UAEPAXI@Z
??_Eistream@@UAEPAXI@Z
??_Eistream_withassign@@UAEPAXI@Z
??_Eistrstream@@UAEPAXI@Z
??_Elogic_error@@UAEPAXI@Z
??_Eofstream@@UAEPAXI@Z
??_Eostream@@UAEPAXI@Z
??_Eostream_withassign@@UAEPAXI@Z
??_Eostrstream@@UAEPAXI@Z
??_Estdiobuf@@UAEPAXI@Z
??_Estdiostream@@UAEPAXI@Z
??_Estreambuf@@UAEPAXI@Z
??_Estrstream@@UAEPAXI@Z
??_Estrstreambuf@@UAEPAXI@Z
??_GIostream_init@@QAEPAXI@Z
??_G__non_rtti_object@@UAEPAXI@Z
??_Gbad_cast@@UAEPAXI@Z
??_Gbad_typeid@@UAEPAXI@Z
??_Gexception@@UAEPAXI@Z
??_Gfilebuf@@UAEPAXI@Z
??_Gfstream@@UAEPAXI@Z
??_Gifstream@@UAEPAXI@Z
??_Gios@@UAEPAXI@Z
??_Giostream@@UAEPAXI@Z
??_Gistream@@UAEPAXI@Z
??_Gistream_withassign@@UAEPAXI@Z
??_Gistrstream@@UAEPAXI@Z
??_Glogic_error@@UAEPAXI@Z
??_Gofstream@@UAEPAXI@Z
??_Gostream@@UAEPAXI@Z
??_Gostream_withassign@@UAEPAXI@Z
??_Gostrstream@@UAEPAXI@Z
??_Gstdiobuf@@UAEPAXI@Z
??_Gstdiostream@@UAEPAXI@Z
??_Gstreambuf@@UAEPAXI@Z
??_Gstrstream@@UAEPAXI@Z
??_Gstrstreambuf@@UAEPAXI@Z
?_query_new_handler@@YAP6AHI@ZXZ
?_query_new_mode@@YAHXZ
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
?_set_new_mode@@YAHH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
?adjustfield@ios@@2JB
?allocate@streambuf@@IAEHXZ
?attach@filebuf@@QAEPAV1@H@Z
?attach@fstream@@QAEXH@Z
?attach@ifstream@@QAEXH@Z
?attach@ofstream@@QAEXH@Z
?bad@ios@@QBEHXZ
?base@streambuf@@IBEPADXZ
?basefield@ios@@2JB
?before@type_info@@QBEHABV1@@Z
?binary@filebuf@@2HB
?bitalloc@ios@@SAJXZ
?blen@streambuf@@IBEHXZ
?cerr@@3Vostream_withassign@@A
?cin@@3Vistream_withassign@@A
?clear@ios@@QAEXH@Z
?clog@@3Vostream_withassign@@A
?close@filebuf@@QAEPAV1@XZ
?close@fstream@@QAEXXZ
?close@ifstream@@QAEXXZ
?close@ofstream@@QAEXXZ
?clrlock@ios@@QAAXXZ
?clrlock@streambuf@@QAEXXZ
?cout@@3Vostream_withassign@@A
?dbp@streambuf@@QAEXXZ
?dec@@YAAAVios@@AAV1@@Z
?delbuf@ios@@QAEXH@Z
?delbuf@ios@@QBEHXZ
?doallocate@streambuf@@MAEHXZ
?doallocate@strstreambuf@@MAEHXZ
?eatwhite@istream@@QAEXXZ
?eback@streambuf@@IBEPADXZ
?ebuf@streambuf@@IBEPADXZ
?egptr@streambuf@@IBEPADXZ
?endl@@YAAAVostream@@AAV1@@Z
?ends@@YAAAVostream@@AAV1@@Z
?eof@ios@@QBEHXZ
?epptr@streambuf@@IBEPADXZ
?fLockcInit@ios@@0HA
?fail@ios@@QBEHXZ
?fd@filebuf@@QBEHXZ
?fd@fstream@@QBEHXZ
?fd@ifstream@@QBEHXZ
?fd@ofstream@@QBEHXZ
?fill@ios@@QAEDD@Z
?fill@ios@@QBEDXZ
?flags@ios@@QAEJJ@Z
?flags@ios@@QBEJXZ
?floatfield@ios@@2JB
?flush@@YAAAVostream@@AAV1@@Z
?flush@ostream@@QAEAAV1@XZ
?freeze@strstreambuf@@QAEXH@Z
?gbump@streambuf@@IAEXH@Z
?gcount@istream@@QBEHXZ
?get@istream@@IAEAAV1@PADHH@Z
?get@istream@@QAEAAV1@AAC@Z
?get@istream@@QAEAAV1@AAD@Z
?get@istream@@QAEAAV1@AAE@Z
?get@istream@@QAEAAV1@AAVstreambuf@@D@Z
?get@istream@@QAEAAV1@PACHD@Z
?get@istream@@QAEAAV1@PADHD@Z
?get@istream@@QAEAAV1@PAEHD@Z
?get@istream@@QAEHXZ
?getdouble@istream@@AAEHPADH@Z
?getint@istream@@AAEHPAD@Z
?getline@istream@@QAEAAV1@PACHD@Z
?getline@istream@@QAEAAV1@PADHD@Z
?getline@istream@@QAEAAV1@PAEHD@Z
?good@ios@@QBEHXZ
?gptr@streambuf@@IBEPADXZ
?hex@@YAAAVios@@AAV1@@Z
?ignore@istream@@QAEAAV1@HH@Z
?in_avail@streambuf@@QBEHXZ
?init@ios@@IAEXPAVstreambuf@@@Z
?ipfx@istream@@QAEHH@Z
?is_open@filebuf@@QBEHXZ
?is_open@fstream@@QBEHXZ
?is_open@ifstream@@QBEHXZ
?is_open@ofstream@@QBEHXZ
?isfx@istream@@QAEXXZ
?iword@ios@@QBEAAJH@Z
?lock@ios@@QAAXXZ
?lock@streambuf@@QAEXXZ
?lockbuf@ios@@QAAXXZ
?lockc@ios@@KAXXZ
?lockptr@ios@@IAEPAU_CRT_CRITICAL_SECTION@@XZ
?lockptr@streambuf@@IAEPAU_CRT_CRITICAL_SECTION@@XZ
?name@type_info@@QBEPBDXZ
?oct@@YAAAVios@@AAV1@@Z
?open@filebuf@@QAEPAV1@PBDHH@Z
?open@fstream@@QAEXPBDHH@Z
?open@ifstream@@QAEXPBDHH@Z
?open@ofstream@@QAEXPBDHH@Z
?openprot@filebuf@@2HB
?opfx@ostream@@QAEHXZ
?osfx@ostream@@QAEXXZ
?out_waiting@streambuf@@QBEHXZ
?overflow@filebuf@@UAEHH@Z
?overflow@stdiobuf@@UAEHH@Z
?overflow@strstreambuf@@UAEHH@Z
?pbackfail@stdiobuf@@UAEHH@Z
?pbackfail@streambuf@@UAEHH@Z
?pbase@streambuf@@IBEPADXZ
?pbump@streambuf@@IAEXH@Z
?pcount@ostrstream@@QBEHXZ
?pcount@strstream@@QBEHXZ
?peek@istream@@QAEHXZ
?pptr@streambuf@@IBEPADXZ
?precision@ios@@QAEHH@Z
?precision@ios@@QBEHXZ
?put@ostream@@QAEAAV1@C@Z
?put@ostream@@QAEAAV1@D@Z
?put@ostream@@QAEAAV1@E@Z
?putback@istream@@QAEAAV1@D@Z
?pword@ios@@QBEAAPAXH@Z
?raw_name@type_info@@QBEPBDXZ
?rdbuf@fstream@@QBEPAVfilebuf@@XZ
?rdbuf@ifstream@@QBEPAVfilebuf@@XZ
?rdbuf@ios@@QBEPAVstreambuf@@XZ
?rdbuf@istrstream@@QBEPAVstrstreambuf@@XZ
?rdbuf@ofstream@@QBEPAVfilebuf@@XZ
?rdbuf@ostrstream@@QBEPAVstrstreambuf@@XZ
?rdbuf@stdiostream@@QBEPAVstdiobuf@@XZ
?rdbuf@strstream@@QBEPAVstrstreambuf@@XZ
?rdstate@ios@@QBEHXZ
?read@istream@@QAEAAV1@PACH@Z
?read@istream@@QAEAAV1@PADH@Z
?read@istream@@QAEAAV1@PAEH@Z
?sbumpc@streambuf@@QAEHXZ
?seekg@istream@@QAEAAV1@J@Z
?seekg@istream@@QAEAAV1@JW4seek_dir@ios@@@Z
?seekoff@filebuf@@UAEJJW4seek_dir@ios@@H@Z
?seekoff@stdiobuf@@UAEJJW4seek_dir@ios@@H@Z
?seekoff@streambuf@@UAEJJW4seek_dir@ios@@H@Z
?seekoff@strstreambuf@@UAEJJW4seek_dir@ios@@H@Z
?seekp@ostream@@QAEAAV1@J@Z
?seekp@ostream@@QAEAAV1@JW4seek_dir@ios@@@Z
?seekpos@streambuf@@UAEJJH@Z
?set_new_handler@@YAP6AXXZP6AXXZ@Z
?set_terminate@@YAP6AXXZP6AXXZ@Z
?set_unexpected@@YAP6AXXZP6AXXZ@Z
?setb@streambuf@@IAEXPAD0H@Z
?setbuf@filebuf@@UAEPAVstreambuf@@PADH@Z
?setbuf@fstream@@QAEPAVstreambuf@@PADH@Z
?setbuf@ifstream@@QAEPAVstreambuf@@PADH@Z
?setbuf@ofstream@@QAEPAVstreambuf@@PADH@Z
?setbuf@streambuf@@UAEPAV1@PADH@Z
?setbuf@strstreambuf@@UAEPAVstreambuf@@PADH@Z
?setf@ios@@QAEJJ@Z
?setf@ios@@QAEJJJ@Z
?setg@streambuf@@IAEXPAD00@Z
?setlock@ios@@QAAXXZ
?setlock@streambuf@@QAEXXZ
?setmode@filebuf@@QAEHH@Z
?setmode@fstream@@QAEHH@Z
?setmode@ifstream@@QAEHH@Z
?setmode@ofstream@@QAEHH@Z
?setp@streambuf@@IAEXPAD0@Z
?setrwbuf@stdiobuf@@QAEHHH@Z
?sgetc@streambuf@@QAEHXZ
?sgetn@streambuf@@QAEHPADH@Z
?sh_none@filebuf@@2HB
?sh_read@filebuf@@2HB
?sh_write@filebuf@@2HB
?snextc@streambuf@@QAEHXZ
?sputbackc@streambuf@@QAEHD@Z
?sputc@streambuf@@QAEHH@Z
?sputn@streambuf@@QAEHPBDH@Z
?stdiofile@stdiobuf@@QAEPAU_iobuf@@XZ
?stossc@streambuf@@QAEXXZ
?str@istrstream@@QAEPADXZ
?str@ostrstream@@QAEPADXZ
?str@strstream@@QAEPADXZ
?str@strstreambuf@@QAEPADXZ
?sunk_with_stdio@ios@@0HA
?sync@filebuf@@UAEHXZ
?sync@istream@@QAEHXZ
?sync@stdiobuf@@UAEHXZ
?sync@streambuf@@UAEHXZ
?sync@strstreambuf@@UAEHXZ
?sync_with_stdio@ios@@SAXXZ
?tellg@istream@@QAEJXZ
?tellp@ostream@@QAEJXZ
?terminate@@YAXXZ
?text@filebuf@@2HB
?tie@ios@@QAEPAVostream@@PAV2@@Z
?tie@ios@@QBEPAVostream@@XZ
?unbuffered@streambuf@@IAEXH@Z
?unbuffered@streambuf@@IBEHXZ
?underflow@filebuf@@UAEHXZ
?underflow@stdiobuf@@UAEHXZ
?underflow@strstreambuf@@UAEHXZ
?unexpected@@YAXXZ
?unlock@ios@@QAAXXZ
?unlock@streambuf@@QAEXXZ
?unlockbuf@ios@@QAAXXZ
?unlockc@ios@@KAXXZ
?unsetf@ios@@QAEJJ@Z
?what@exception@@UBEPBDXZ
?width@ios@@QAEHH@Z
?width@ios@@QBEHXZ
?write@ostream@@QAEAAV1@PBCH@Z
?write@ostream@@QAEAAV1@PBDH@Z
?write@ostream@@QAEAAV1@PBEH@Z
?writepad@ostream@@AAEAAV1@PBD0@Z
?ws@@YAAAVistream@@AAV1@@Z
?x_curindex@ios@@0HA
?x_lockc@ios@@0U_CRT_CRITICAL_SECTION@@A
?x_maxbit@ios@@0JA
?x_statebuf@ios@@0PAJA
?xalloc@ios@@SAHXZ
?xsgetn@streambuf@@UAEHPADH@Z
?xsputn@streambuf@@UAEHPBDH@Z
_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
_CIfmod
_CIlog
_CIlog10
_CIpow
_CIsin
_CIsinh
_CIsqrt
_CItan
_CItanh
_CxxThrowException

Sections

.text
Size: 243KB - Virtual size: 243KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 916B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MULTICAL.DBF
N014.JPG
.jpg
NORMAL~1.MEM
NOTEPAD.EXE
.exe windows:4 windows x86 arch:x86

4e0988a29e00758ffcdd27532945ab1a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

DragFinish
ShellAboutA
ShellExecuteA
DragAcceptFiles
SHGetSpecialFolderPathA
DragQueryFileA

kernel32

_lwrite
DeleteFileA
_lclose
_lopen
LocalUnlock
_lcreat
_llseek
LocalReAlloc
LocalAlloc
LocalLock
GlobalAlloc
GetLocalTime
GetTimeFormatA
GetDateFormatA
lstrcmpiA
GetStartupInfoA
GetModuleHandleA
ExitProcess
lstrlenA
lstrcpynA
RtlMoveMemory
lstrcmpA
IsDBCSLeadByte
GetProfileStringA
lstrcatA
FindFirstFileA
FindClose
MulDiv
GetLastError
CreateFileA
GlobalFree
lstrcpyA
GetLocaleInfoA
LocalFree
GetCommandLineA
GlobalUnlock
_lread
GlobalLock

user32

wsprintfA
CloseClipboard
IsClipboardFormatAvailable
OpenClipboard
GetMenu
LoadStringA
LoadAcceleratorsA
GetSystemMenu
RegisterWindowMessageA
SetWindowLongA
CreateWindowExA
LoadCursorA
RegisterClassExA
GetSystemMetrics
UpdateWindow
CharPrevA
GetClientRect
PeekMessageA
SetDlgItemTextA
TabbedTextOutA
CreateDialogParamA
EnableWindow
GetWindowTextA
SendDlgItemMessageA
GetDlgCtrlID
ChildWindowFromPoint
ScreenToClient
GetCursorPos
GetDlgItemTextA
GetSubMenu
CheckMenuItem
SetWindowTextA
IsDialogMessageA
TranslateMessage
DispatchMessageA
GetMessageA
DestroyWindow
MessageBeep
MessageBoxA
DefWindowProcA
EnableMenuItem
GetLastActivePopup
ShowWindow
EndDialog
SetForegroundWindow
WinHelpA
LoadIconA
GetDC
ReleaseDC
SetCursor
SendMessageA
GetFocus
PostMessageA
SetFocus
InvalidateRect
MoveWindow
CharNextA
IsIconic
PostQuitMessage
TranslateAcceleratorA

gdi32

GetObjectA
GetDeviceCaps
CreateFontIndirectA
SelectObject
AbortDoc
EndDoc
DeleteDC
StartPage
StartDocA
EndPage
GetTextExtentPointA
CreateFontA
SetAbortProc
SetBkMode
SetMapMode
GetTextMetricsA
SetWindowExtEx
SetViewportExtEx
LPtoDP
CreateDCA
GetTextCharset
DeleteObject
GetStockObject

comdlg32

GetOpenFileNameA
ChooseFontA
FindTextA
PageSetupDlgA
GetSaveFileNameA
CommDlgExtendedError
GetFileTitleA

advapi32

RegQueryValueExA
RegCloseKey
RegSetValueExA
RegOpenKeyA
RegCreateKeyA

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
OLEAUT32.DLL
.dll regsvr32 windows:4 windows x86 arch:x86

20de0b13751dfdb7f5be44c0f947b93a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

ole32

StgCreateDocfileOnILockBytes
WriteFmtUserTypeStg
WriteClassStg
ReadClassStg
MkParseDisplayName
StgCreateDocfile
CreateBindCtx
CoCreateInstance
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
CoSetState
ReleaseStgMedium
CoGetClassObject
StringFromGUID2
CreateItemMoniker
GetRunningObjectTable
CoGetMalloc
CLSIDFromString
CoUnmarshalInterface
CoMarshalInterface
CoUnmarshalHresult
CoMarshalHresult

user32

CreateWindowExA
RegisterClipboardFormatA
RegisterClassA
GetClassInfoA
GetWindowLongA
IsWindow
DestroyWindow
DefWindowProcA
GetSysColor
SetWindowLongA
SetFocus
SetActiveWindow
GetActiveWindow
PostQuitMessage
PostMessageA
DispatchMessageA
DispatchMessageW
TranslateMessage
GetMessageW
GetMessageA
SendMessageA
EnableWindow
GetParent
GetFocus
CharNextA
GetWindowTextA
CharLowerA
SendMessageW
GetDlgItem
GetKeyState
ReleaseDC
GetDialogBaseUnits
GetDC
GetClientRect
IsWindowUnicode
GetTopWindow
WinHelpA
wsprintfA
DestroyIcon
CreateIcon
CreateCursor
DrawIcon
GetSystemMetrics
GetIconInfo
CopyIcon
CopyImage

gdi32

GetWindowOrgEx
CreateHalftonePalette
CreateDIBitmap
CreateDIBSection
Escape
SetBitmapBits
SetDIBits
PlayMetaFileRecord
CreatePalette
GetEnhMetaFileBits
GetMetaFileBitsEx
CreateCompatibleDC
BitBlt
DeleteDC
CreateCompatibleBitmap
GetBitmapBits
SetEnhMetaFileBits
SaveDC
IntersectClipRect
GetPaletteEntries
OffsetViewportOrgEx
PlayEnhMetaFile
EnumMetaFile
RestoreDC
SetStretchBltMode
SetBkColor
SetTextColor
SetMapMode
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
GetWinMetaFileBits
GetCurrentObject
GetObjectType
GetStockObject
SelectPalette
RealizePalette
StretchBlt
GetDIBits
StretchDIBits
GetObjectA
GetBitmapDimensionEx
GetEnhMetaFileHeader
SetMetaFileBitsEx
CreateBitmap
PatBlt
DeleteEnhMetaFile
DeleteMetaFile
GetTextExtentPointA
GetDeviceCaps
SelectObject
GetTextMetricsW
GetTextMetricsA
GetTextFaceW
GetTextFaceA
EnumFontFamiliesExA
CreateFontIndirectA
DeleteObject

kernel32

GetProcAddress
GlobalSize
FreeLibrary
LockResource
FlushFileBuffers
GetTimeZoneInformation
GetStringTypeW
GetStringTypeA
GetCurrentDirectoryA
VirtualAlloc
HeapSize
HeapReAlloc
RaiseException
WriteFile
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetOEMCP
GetACP
GetCPInfo
GetModuleFileNameA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetCurrentThreadId
GetCurrentProcess
TerminateProcess
ExitProcess
DeleteFileA
FindFirstFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
HeapFree
HeapAlloc
SetEnvironmentVariableA
SetFilePointer
GetLocalTime
MultiByteToWideChar
GetLocaleInfoA
SetStdHandle
LoadLibraryA
GetSystemDefaultLCID
GetUserDefaultLCID
GetVersionExA
TlsGetValue
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
GetModuleHandleA
CompareStringA
CompareStringW
LCMapStringA
LCMapStringW
GetStringTypeExA
GetStringTypeExW
GetLocaleInfoW
GetLastError
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InterlockedExchange
IsBadWritePtr
IsBadReadPtr
GetVersion
IsDBCSLeadByte
MulDiv
RtlUnwind
GetDriveTypeA
LoadResource
FindResourceA
_lclose
_lread
_lwrite
_llseek
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
MapViewOfFile
GlobalHandle
GlobalReAlloc
GlobalDeleteAtom
GlobalAddAtomA
lstrlenW
GetDriveTypeW
TlsAlloc
_lopen
lstrcmpiA
UnmapViewOfFile
CloseHandle
TlsSetValue
GetSystemInfo
CreateFileMappingA
GetFileSize
SearchPathA
TlsFree
CreateFileA
SetErrorMode
GetFullPathNameA
SetLastError
GetCommandLineA

advapi32

RegOpenKeyW
RegQueryInfoKeyA
RegDeleteKeyA
RegCreateKeyW
RegQueryValueExW
RegSetValueExW
RegQueryValueW
RegEnumKeyW
RegCloseKey
RegFlushKey
RegSetValueA
RegEnumKeyA
RegQueryValueA
RegOpenKeyA
RegCreateKeyA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA

Exports

Exports

BSTR_UserFree
BSTR_UserMarshal
BSTR_UserSize
BSTR_UserUnmarshal
BstrFromVector
ClearCustData
CreateDispTypeInfo
CreateErrorInfo
CreateStdDispatch
CreateTypeLib
CreateTypeLib2
DispCallFunc
DispGetIDsOfNames
DispGetParam
DispInvoke
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
DosDateTimeToVariantTime
GetActiveObject
GetAltMonthNames
GetErrorInfo
GetRecordInfoFromGuids
GetRecordInfoFromTypeInfo
LHashValOfNameSys
LHashValOfNameSysA
LPSAFEARRAY_Marshal
LPSAFEARRAY_Size
LPSAFEARRAY_Unmarshal
LPSAFEARRAY_UserFree
LPSAFEARRAY_UserMarshal
LPSAFEARRAY_UserSize
LPSAFEARRAY_UserUnmarshal
LoadRegTypeLib
LoadTypeLib
LoadTypeLibEx
OACreateTypeLib2
OaBuildVersion
OleCreateFontIndirect
OleCreatePictureIndirect
OleCreatePropertyFrame
OleCreatePropertyFrameIndirect
OleIconToCursor
OleLoadPicture
OleLoadPictureEx
OleLoadPictureFile
OleLoadPictureFileEx
OleLoadPicturePath
OleSavePictureFile
OleTranslateColor
QueryPathOfRegTypeLib
RegisterActiveObject
RegisterTypeLib
RevokeActiveObject
SafeArrayAccessData
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayAllocDescriptorEx
SafeArrayCopy
SafeArrayCopyData
SafeArrayCreate
SafeArrayCreateEx
SafeArrayCreateVector
SafeArrayCreateVectorEx
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SafeArrayGetDim
SafeArrayGetElement
SafeArrayGetElemsize
SafeArrayGetIID
SafeArrayGetLBound
SafeArrayGetRecordInfo
SafeArrayGetUBound
SafeArrayGetVartype
SafeArrayLock
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayRedim
SafeArraySetIID
SafeArraySetRecordInfo
SafeArrayUnaccessData
SafeArrayUnlock
SetErrorInfo
SysAllocString
SysAllocStringByteLen
SysAllocStringLen
SysFreeString
SysReAllocString
SysReAllocStringLen
SysStringByteLen
SysStringLen
SystemTimeToVariantTime
UnRegisterTypeLib
UserBSTR_free_inst
UserBSTR_free_local
UserBSTR_from_local
UserBSTR_to_local
UserEXCEPINFO_free_inst
UserEXCEPINFO_free_local
UserEXCEPINFO_from_local
UserEXCEPINFO_to_local
UserHWND_free_inst
UserHWND_free_local
UserHWND_from_local
UserHWND_to_local
UserMSG_free_inst
UserMSG_free_local
UserMSG_from_local
UserMSG_to_local
UserVARIANT_free_inst
UserVARIANT_free_local
UserVARIANT_from_local
UserVARIANT_to_local
VARIANT_UserFree
VARIANT_UserMarshal
VARIANT_UserSize
VARIANT_UserUnmarshal
VarAbs
VarAdd
VarAnd
VarBoolFromCy
VarBoolFromDate
VarBoolFromDec
VarBoolFromDisp
VarBoolFromI1
VarBoolFromI2
VarBoolFromI4
VarBoolFromR4
VarBoolFromR8
VarBoolFromStr
VarBoolFromUI1
VarBoolFromUI2
VarBoolFromUI4
VarBstrCat
VarBstrCmp
VarBstrFromBool
VarBstrFromCy
VarBstrFromDate
VarBstrFromDec
VarBstrFromDisp
VarBstrFromI1
VarBstrFromI2
VarBstrFromI4
VarBstrFromR4
VarBstrFromR8
VarBstrFromUI1
VarBstrFromUI2
VarBstrFromUI4
VarCat
VarCmp
VarCyAbs
VarCyAdd
VarCyCmp
VarCyCmpR8
VarCyFix
VarCyFromBool
VarCyFromDate
VarCyFromDec
VarCyFromDisp
VarCyFromI1
VarCyFromI2
VarCyFromI4
VarCyFromR4
VarCyFromR8
VarCyFromStr
VarCyFromUI1
VarCyFromUI2
VarCyFromUI4
VarCyInt
VarCyMul
VarCyMulI4
VarCyNeg
VarCyRound
VarCySub
VarDateFromBool
VarDateFromCy
VarDateFromDec
VarDateFromDisp
VarDateFromI1
VarDateFromI2
VarDateFromI4
VarDateFromR4
VarDateFromR8
VarDateFromStr
VarDateFromUI1
VarDateFromUI2
VarDateFromUI4
VarDateFromUdate
VarDateFromUdateEx
VarDecAbs
VarDecAdd
VarDecCmp
VarDecCmpR8
VarDecDiv
VarDecFix
VarDecFromBool
VarDecFromCy
VarDecFromDate
VarDecFromDisp
VarDecFromI1
VarDecFromI2
VarDecFromI4
VarDecFromR4
VarDecFromR8
VarDecFromStr
VarDecFromUI1
VarDecFromUI2
VarDecFromUI4
VarDecInt
VarDecMul
VarDecNeg
VarDecRound
VarDecSub
VarDiv
VarEqv
VarFix
VarFormat
VarFormatCurrency
VarFormatDateTime
VarFormatFromTokens
VarFormatNumber
VarFormatPercent
VarI1FromBool
VarI1FromCy
VarI1FromDate
VarI1FromDec
VarI1FromDisp
VarI1FromI2
VarI1FromI4
VarI1FromR4
VarI1FromR8
VarI1FromStr
VarI1FromUI1
VarI1FromUI2
VarI1FromUI4
VarI2FromBool
VarI2FromCy
VarI2FromDate
VarI2FromDec
VarI2FromDisp
VarI2FromI1
VarI2FromI4
VarI2FromR4
VarI2FromR8
VarI2FromStr
VarI2FromUI1
VarI2FromUI2
VarI2FromUI4
VarI4FromBool
VarI4FromCy
VarI4FromDate
VarI4FromDec
VarI4FromDisp
VarI4FromI1
VarI4FromI2
VarI4FromR4
VarI4FromR8
VarI4FromStr
VarI4FromUI1
VarI4FromUI2
VarI4FromUI4
VarIdiv
VarImp
VarInt
VarMod
VarMonthName
VarMul
VarNeg
VarNot
VarNumFromParseNum
VarOr
VarParseNumFromStr
VarPow
VarR4CmpR8
VarR4FromBool
VarR4FromCy
VarR4FromDate
VarR4FromDec
VarR4FromDisp
VarR4FromI1
VarR4FromI2
VarR4FromI4
VarR4FromR8
VarR4FromStr
VarR4FromUI1
VarR4FromUI2
VarR4FromUI4
VarR8FromBool
VarR8FromCy
VarR8FromDate
VarR8FromDec
VarR8FromDisp
VarR8FromI1
VarR8FromI2
VarR8FromI4
VarR8FromR4
VarR8FromStr
VarR8FromUI1
VarR8FromUI2
VarR8FromUI4
VarR8Pow
VarR8Round
VarRound
VarSub
VarTokenizeFormatString
VarUI1FromBool
VarUI1FromCy
VarUI1FromDate
VarUI1FromDec
VarUI1FromDisp
VarUI1FromI1
VarUI1FromI2
VarUI1FromI4
VarUI1FromR4
VarUI1FromR8
VarUI1FromStr
VarUI1FromUI2
VarUI1FromUI4
VarUI2FromBool
VarUI2FromCy
VarUI2FromDate
VarUI2FromDec
VarUI2FromDisp
VarUI2FromI1
VarUI2FromI2
VarUI2FromI4
VarUI2FromR4
VarUI2FromR8
VarUI2FromStr
VarUI2FromUI1
VarUI2FromUI4
VarUI4FromBool
VarUI4FromCy
VarUI4FromDate
VarUI4FromDec
VarUI4FromDisp
VarUI4FromI1
VarUI4FromI2
VarUI4FromI4
VarUI4FromR4
VarUI4FromR8
VarUI4FromStr
VarUI4FromUI1
VarUI4FromUI2
VarUdateFromDate
VarWeekdayName
VarXor
VariantChangeType
VariantChangeTypeEx
VariantClear
VariantCopy
VariantCopyInd
VariantInit
VariantTimeToDosDateTime
VariantTimeToSystemTime
VectorFromBstr

Sections

.text
Size: 520KB - Virtual size: 519KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
OLEPRO32.DLL
.dll regsvr32 windows:4 windows x86 arch:x86

8f50e2228a97d0224410529663a78a82

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

SetLastError
GetModuleHandleA
InitializeCriticalSection
DeleteCriticalSection
lstrlenW
GlobalAddAtomA
GlobalDeleteAtom
GlobalReAlloc
GlobalHandle
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
FindResourceA
LoadResource
LockResource
FreeLibrary
MulDiv
IsDBCSLeadByte
LoadLibraryA
InterlockedDecrement
HeapDestroy
SetFilePointer
SetStdHandle
CloseHandle
FlushFileBuffers
RaiseException
GetLocaleInfoW
InterlockedIncrement
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
GetProcAddress
WideCharToMultiByte
VirtualAlloc
LCMapStringW
LCMapStringA
WriteFile
VirtualFree
HeapCreate
GetCommandLineA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetOEMCP
GetACP
GetCPInfo
GetModuleFileNameA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
TlsGetValue
TlsFree
TlsAlloc
TlsSetValue
GetCurrentThreadId
GetCurrentProcess
TerminateProcess
ExitProcess
HeapFree
HeapAlloc
GetVersion
GetLastError
MultiByteToWideChar
EnterCriticalSection
LeaveCriticalSection
InterlockedExchange
RtlUnwind

user32

GetMessageA
SendMessageA
EnableWindow
CopyIcon
GetIconInfo
CopyImage
DrawIcon
CreateCursor
GetSystemMetrics
DestroyIcon
wsprintfA
GetSysColor
SetWindowLongA
GetWindowLongA
DestroyWindow
SetFocus
IsWindow
SetActiveWindow
GetActiveWindow
PostQuitMessage
PostMessageA
DispatchMessageA
DispatchMessageW
TranslateMessage
GetMessageW
RegisterClipboardFormatA
GetDlgItem
CreateIcon
GetParent
GetFocus
CharNextA
GetWindowTextA
CharLowerA
SendMessageW
GetDC
GetKeyState
ReleaseDC
GetDialogBaseUnits
GetClientRect
IsWindowUnicode
GetTopWindow
WinHelpA

gdi32

SetViewportExtEx
SetMapMode
SetTextColor
DeleteDC
CreateCompatibleBitmap
PatBlt
DeleteEnhMetaFile
DeleteMetaFile
GetTextExtentPointA
GetPaletteEntries
DeleteObject
CreateFontIndirectA
EnumFontFamiliesExA
GetTextFaceA
GetTextFaceW
GetTextMetricsA
GetTextMetricsW
SelectObject
GetDeviceCaps
CreateBitmap
SetMetaFileBitsEx
GetEnhMetaFileHeader
GetBitmapDimensionEx
GetObjectA
StretchDIBits
GetDIBits
StretchBlt
RealizePalette
SelectPalette
GetStockObject
GetObjectType
GetCurrentObject
CreateHalftonePalette
CreateDIBitmap
CreateDIBSection
Escape
SetBitmapBits
SetDIBits
PlayMetaFileRecord
CreatePalette
GetEnhMetaFileBits
GetMetaFileBitsEx
CreateCompatibleDC
BitBlt
SetViewportOrgEx
GetWinMetaFileBits
GetBitmapBits
SetEnhMetaFileBits
SaveDC
IntersectClipRect
GetWindowOrgEx
OffsetViewportOrgEx
PlayEnhMetaFile
EnumMetaFile
RestoreDC
SetStretchBltMode
SetBkColor
SetWindowOrgEx
SetWindowExtEx

ole32

ReleaseStgMedium
CreateStreamOnHGlobal
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
StgCreateDocfile
CoCreateInstance
StringFromGUID2
CoGetMalloc

advapi32

RegFlushKey
RegQueryValueA
RegSetValueA
RegCreateKeyA
RegOpenKeyA
RegCloseKey

oleaut32

SysAllocString
VariantClear
VariantChangeType
SysFreeString
VariantInit
LoadTypeLi

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
OleCreateFontIndirect
OleCreatePictureIndirect
OleCreatePropertyFrame
OleCreatePropertyFrameIndirect
OleIconToCursor
OleLoadPicture
OleTranslateColor

Sections

.text
Size: 108KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
OOFL.ICO
PERSONAL.CDX
PERSONAL.DBF
QMKH.DBC
QMKH.DCT
.js
QMKH.DCX
QUESTION.ICO
RANKS.CDX
RANKS.DBF
RDY1.JPG
.jpg
RDY1OLD.JPG
.jpg
RULERS.ICO
SETUP2.LST
SOUND1.MID
SOUND111.MID
SOUND2.MID
SOUND211.MID
SOUND3.MID
SOUND311.MID
SOUND4.MID
SOUND5.MID
SOUND6.MID
SOUND7.MID
SOUND8.MID
STDOLE2.TLB
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SUBJEC~1.DBF
TABSEG~1.CDX
TABSEG~1.DBF
TEACHER.CDX
TEACHER.DBF
TEACHE~1.CDX
TEACHE~1.DBF
USETAB.DBF
VFP6R.DLL
.dll regsvr32 windows:4 windows x86 arch:x86

f5980ed470e407cb5f29a5787bb80355

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetShortPathNameA
GetACP
GetStringTypeExA
SizeofResource
GetComputerNameA
GetOEMCP
GetTickCount
GlobalFlags
CreateProcessA
GetUserDefaultLangID
GlobalReAlloc
GetSystemInfo
HeapReAlloc
GetSystemDirectoryA
IsBadCodePtr
HeapFree
HeapCreate
GlobalMemoryStatus
VirtualFree
VirtualAlloc
HeapAlloc
GetDateFormatA
SetProcessWorkingSetSize
HeapSize
lstrcatA
GetTimeFormatA
GetProfileIntA
lstrcmpiA
HeapDestroy
CreateEventA
GlobalCompact
LoadResource
SetEvent
FindResourceA
_lopen
LockResource
lstrlenA
FormatMessageA
_lread
_lclose
GetSystemDefaultLCID
WideCharToMultiByte
LCMapStringA
IsBadReadPtr
IsDBCSLeadByte
GlobalAlloc
GlobalFree
GetSystemDefaultLangID
MoveFileA
GetCurrentThreadId
GetFileSize
GetCurrentDirectoryA
DeleteFileA
SetCurrentDirectoryA
GetVolumeInformationA
FindNextFileA
GetLogicalDrives
DosDateTimeToFileTime
GetDiskFreeSpaceA
SystemTimeToFileTime
GetFileTime
LocalFileTimeToFileTime
SetFileTime
UnlockFile
CopyFileA
FileTimeToDosDateTime
LocalFree
InitializeCriticalSection
LockFile
lstrlenW
DisableThreadLibraryCalls
GetModuleFileNameA
GetLocaleInfoA
GetCurrentProcess
DuplicateHandle
SetEndOfFile
SetFilePointer
WriteFile
ReadFile
GetFileAttributesA
CreateFileA
GetLastError
GetDriveTypeA
IsValidLocale
GetProfileStringA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFullPathNameA
GlobalSize
RaiseException
GlobalLock
GlobalUnlock
SearchPathA
GetModuleHandleA
SetErrorMode
GetCurrentProcessId
MultiByteToWideChar
OutputDebugStringA
MulDiv
WinExec
lstrcpyA
InterlockedIncrement
InterlockedDecrement
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
FindFirstFileA
FindClose
SetFileAttributesA
LoadLibraryA
GetProcAddress
FreeLibrary
GetCPInfo
GetSystemTime
Sleep
CreateThread
GetVersionExA
WaitForSingleObject
GetExitCodeThread
TerminateThread
CloseHandle
GetLocalTime

user32

EndPaint
GetSubMenu
GetSystemMetrics
BringWindowToTop
SetFocus
SetClassLongA
GetClassLongA
EnableWindow
MessageBoxA
DestroyMenu
DestroyWindow
ShowWindow
MoveWindow
OffsetRect
UpdateWindow
GetWindowLongA
GetDesktopWindow
PostMessageA
InsertMenuItemA
GetMenuItemInfoA
GetMenuItemCount
RemoveMenu
ReleaseDC
GetDC
TranslateMessage
GetQueueStatus
SetTimer
KillTimer
IsWindowVisible
IsIconic
DrawFocusRect
SetClipboardViewer
ChangeClipboardChain
CreateWindowExA
AdjustWindowRect
LoadImageA
RegisterClassA
SendMessageA
DefWindowProcA
RedrawWindow
UnregisterClassA
SetWindowLongA
LoadStringA
FillRect
FrameRect
InflateRect
DrawTextA
SetRectEmpty
CopyRect
PostQuitMessage
GetMenu
ClipCursor
RegisterClipboardFormatA
GetKeyboardLayout
GetCapture
GetAsyncKeyState
ValidateRect
OemToCharBuffA
InSendMessage
CharPrevA
CharNextA
GetKeyboardType
PeekMessageA
CharToOemBuffA
ShowCursor
GetActiveWindow
GetFocus
GetCursorPos
GetKeyState
GetClipboardFormatNameA
CharUpperBuffA
CharLowerBuffA
DialogBoxParamA
CheckRadioButton
CreateIcon
SetCapture
ReleaseCapture
GetClassInfoA
LoadCursorA
CopyAcceleratorTableA
SetParent
IsWindow
CreateCursor
LoadCursorFromFileA
IsDlgButtonChecked
GetWindow
UnionRect
LoadBitmapA
DestroyIcon
DrawIcon
LoadAcceleratorsA
ClientToScreen
CreateAcceleratorTableA
DestroyAcceleratorTable
IsChild
SetClipboardData
GetClipboardData
OpenClipboard
EmptyClipboard
CloseClipboard
FindWindowA
GetWindowThreadProcessId
SetCursorPos
GetCursor
keybd_event
MessageBeep
MapVirtualKeyA
GetKeyboardState
SetKeyboardState
CharToOemA
WinHelpA
SetCursor
SetRect
EndDialog
CallWindowProcA
GetClassInfoExA
RegisterClassExA
GetWindowTextA
GetDlgItem
SendDlgItemMessageA
SetWindowTextA
SetForegroundWindow
SetActiveWindow
GetSysColorBrush
DrawIconEx
AppendMenuA
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
GetScrollInfo
SetScrollInfo
ShowScrollBar
IsZoomed
AdjustWindowRectEx
MsgWaitForMultipleObjects
GetMenuStringA
GetMenuItemID
CreateMDIWindowA
LoadIconA
SetCaretPos
ShowCaret
ScrollDC
InvalidateRgn
RegisterWindowMessageA
DrawFrameControl
EnableMenuItem
InsertMenuA
ModifyMenuA
SetMenu
SetMenuItemInfoA
SystemParametersInfoA
GetSystemMenu
DeleteMenu
LoadMenuIndirectA
CreatePopupMenu
DrawMenuBar
GrayStringA
GetWindowDC
SubtractRect
GetDCEx
WindowFromPoint
GetClassNameA
CallNextHookEx
SetWindowsHookExA
UnhookWindowsHookEx
DispatchMessageA
GetMessageA
DdeAbandonTransaction
DdeUninitialize
DdeInitializeA
DdePostAdvise
DdeClientTransaction
DdeDisconnect
DdeConnect
DdeAccessData
DdeUnaccessData
DdeFreeDataHandle
DdeEnableCallback
DdeGetLastError
DdeNameService
InvalidateRect
SetWindowPos
DestroyCursor
GetClientRect
DdeFreeStringHandle
DdeCreateDataHandle
DdeCreateStringHandleA
DdeQueryStringA
GetSysColor
IsClipboardFormatAvailable
DestroyCaret
CreateCaret
ScreenToClient
GetWindowRect
GetParent
SetWindowRgn
EqualRect
IntersectRect
wsprintfA
CreateMenu
PtInRect
CheckDlgButton
SetDlgItemTextA
GetUpdateRect
BeginPaint
ActivateKeyboardLayout

gdi32

CreateSolidBrush
StretchBlt
EnumFontFamiliesA
GetClipBox
GetBitmapBits
EnumFontsA
GetDeviceCaps
CreateRectRgnIndirect
SetTextColor
Rectangle
SetBkColor
GetTextColor
GetStockObject
GetBkColor
PatBlt
DeleteObject
SelectObject
CreateHalftonePalette
DeleteDC
GetObjectA
GetDIBColorTable
CreateCompatibleDC
CreatePalette
SelectPalette
SetBkMode
RealizePalette
CreateFontIndirectA
BitBlt
GetBkMode
Ellipse
CreateRoundRectRgn
RoundRect
FillRgn
CombineRgn
CreateEllipticRgnIndirect
MoveToEx
CreatePen
LineTo
GetROP2
SetBrushOrgEx
SetROP2
LPtoDP
UnrealizeObject
GetDCOrgEx
CreateRectRgn
CreatePatternBrush
PaintRgn
GetRgnBox
RectInRegion
CreateBitmap
Polyline
GetPixel
FrameRgn
AddFontResourceA
GetTextMetricsA
EnumFontFamiliesExA
SetTextAlign
GetTextAlign
RemoveFontResourceA
CreateHatchBrush
SelectClipRgn
CopyMetaFileA
ExtTextOutA
GetTextExtentPointA
SetRectRgn
CreateCompatibleBitmap
SetStretchBltMode
CreateBrushIndirect
CloseMetaFile
RestoreDC
DeleteMetaFile
GdiFlush
OffsetRgn
SetBitmapBits
AbortDoc
EndDoc
StartDocA
EndPage
StartPage
CreateICA
Escape
CreateDCA
SetViewportExtEx
GetDIBits
StretchDIBits
SetDIBits
CreateDIBitmap
SetWindowOrgEx
SetWindowExtEx
SetMapMode
SetViewportOrgEx
CreateMetaFileA
SaveDC

winspool.drv

ClosePrinter
WritePrinter
DocumentPropertiesA
GetPrinterA
EnumPrintersA
EndDocPrinter
StartDocPrinterA
OpenPrinterA

comdlg32

ChooseColorA
ChooseFontA
CommDlgExtendedError
PrintDlgA
GetOpenFileNameA
GetSaveFileNameA

comctl32

ImageList_Add
ImageList_DragMove
ord17
ImageList_Create
ImageList_Destroy
ImageList_AddMasked
ImageList_ReplaceIcon
ImageList_SetBkColor
ImageList_BeginDrag
ImageList_DragEnter
ImageList_DragLeave
ImageList_EndDrag

advapi32

RegQueryInfoKeyA
RegEnumValueA
RegDeleteValueA
RegEnumKeyA
RegSetValueA
RegOpenKeyW
RegQueryValueA
RegCreateKeyA
RegQueryValueExA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegCloseKey
RegOpenKeyA

shell32

SHAppBarMessage
ShellExecuteA
SHFileOperationA
DragQueryFileA

msvcrt

_mbsrchr
_mbsstr
_mbsnbcpy
_mbschr
_mbsnbicmp
_mbsnbcat
_stricmp
_strnicmp
strchr
strrchr
strstr
strncpy
strncat
strcspn
atol
_winmajor
_winminor
strtok
atoi
_mbsicmp
_HUGE
toupper
ceil
floor
sqrt
_itoa
__mb_cur_max
_isctype
_pctype
memcmp
abs
memmove
strcmp
_ftol
strcat
memset
wcslen
wcsncpy
_wcsicmp
_purecall
strcpy
exit
longjmp
_seh_longjmp_unwind
_except_handler3
strlen
_control87
_setjmp3
atof
memchr
strncmp
_mbscspn
_makepath
_splitpath
sin
cos
acos
asin
atan
tan
atan2
pow
exp
log10
log
getenv
_rmdir
_mkdir
_setmode
_isatty
fabs
modf
ldexp
sscanf
_ultoa
iswctype
div
strtoul
isspace
wcschr
wcscat
wcscpy
_strupr
strspn
ldiv
_strrev
_access
__CxxFrameHandler
_CxxThrowException
isalnum
sprintf
fprintf
_initterm
_adjust_fdiv
??1type_info@@UAE@XZ
_iob
__dllonexit
_onexit
free
malloc

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

mpr

WNetOpenEnumA
WNetCloseEnum
WNetEnumResourceA
WNetAddConnection2A
WNetGetUserA
WNetCancelConnection2A
WNetGetConnectionA

oleaut32

SafeArrayCreate
SafeArrayUnaccessData
VariantCopy
LoadRegTypeLi
CreateErrorInfo
SysAllocString
SetErrorInfo
SysStringLen
SysAllocStringLen
SysFreeString
VariantInit
LoadTypeLi
SafeArrayGetDim
SafeArrayGetUBound
VariantClear
VariantCopyInd
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayPutElement
SafeArrayAccessData
OleCreatePropertyFrame
GetActiveObject
DispCallFunc
GetErrorInfo
OleCreatePictureIndirect
OleLoadPicture
RevokeActiveObject
VariantChangeType

ole32

OleRegGetUserType
OleRegGetMiscStatus
CoCreateInstance
StringFromGUID2
OleRegEnumVerbs
CreateDataAdviseHolder
CLSIDFromProgID
CoLockObjectExternal
CLSIDFromString
CoRegisterClassObject
CoUninitialize
CoInitialize
ReleaseStgMedium
CoRevokeClassObject
CoGetMalloc
OleCreateMenuDescriptor
DoDragDrop
RegisterDragDrop
RevokeDragDrop
OleDuplicateData
OleGetClipboard
CoTaskMemFree
CoFreeUnusedLibraries
CoRegisterMessageFilter
OleBuildVersion
OleUninitialize
WriteClassStm
OleSaveToStream
CoDisconnectObject
StgCreateDocfile
OleInitialize
StgIsStorageFile
ProgIDFromCLSID
CreateOleAdviseHolder
OleDestroyMenuDescriptor
StgOpenStorage
OleFlushClipboard
OleIsCurrentClipboard
OleIsRunning
BindMoniker
MkParseDisplayName
CreateBindCtx
OleSave
WriteClassStg
OleDraw
OleLoad
CreateFileMoniker
ReadClassStg
OleConvertOLESTREAMToIStorage
OleCreate
OleCreateFromFile
OleCreateLinkToFile
CoIsOle1Class
OleCreateLinkFromData
OleCreateFromData
OleCreateStaticFromData
OleSetContainedObject
OleConvertIStorageToOLESTREAM
OleQueryLinkFromData
OleRun
IsAccelerator
OleSetMenuDescriptor
CreateGenericComposite
CreateItemMoniker
OleSetClipboard
CoGetClassObject
OleDoAutoConvert
ReadClassStm
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleGetIconOfClass
StgOpenStorageOnILockBytes
GetHGlobalFromILockBytes
GetClassFile
OleQueryCreateFromData
StringFromCLSID

winmm

PlaySoundA
timeGetTime

Exports

Exports

@OCXAPIInit@4
DllCanUnloadNow
DllGetClassObject
DllOleInit
DllRegisterServer
DllUnregisterServer
DllWinMain
VFPDllCanUnloadNow
VFPDllGetClassObject

Sections

.text
Size: 2.9MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 90KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
VFP6RENU.DLL
.dll windows:4 windows x86 arch:x86

105a34c3b3ecaf6803be201e74c83cf4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

LoadStringA
MessageBoxA

kernel32

DisableThreadLibraryCalls

Exports

Exports

DllVersion

Sections

.text
Size: 512B - Virtual size: 125B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 266B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 852KB - Virtual size: 852KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
VFP6RUN.EXE
.exe windows:4 windows x86 arch:x86

21b0be9e9c79dd1b598e3cb319374dd2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__setusermatherr
__p__commode
__p__fmode
_initterm
_adjust_fdiv
_controlfp
__dllonexit
??3@YAXPAX@Z
exit
__getmainargs
_acmdln
strlen
_XcptFilter
_exit
??2@YAPAXI@Z
_stricmp
strcpy
__set_app_type
_except_handler3
_onexit

kernel32

GetStartupInfoA
GetModuleHandleA
WideCharToMultiByte
GetCommandLineA
GetModuleFileNameA

user32

LoadStringA
MessageBoxA
wsprintfA

advapi32

RegDeleteKeyA
RegOpenKeyA
RegCreateKeyA
RegSetValueExA
RegCloseKey

ole32

OleInitialize
StringFromGUID2
CoCreateInstance

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 865B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 685B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
WIZSET32.DLL
.dll windows:4 windows x86 arch:x86

a6ddee4715543289a7e54b780402c0c5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mssetup

PbAlloc
DoMsgBox
FFree
DoesInfSectionKeyExist
DoesInfSectionExist
FWriteToLogFile
FValidFilePath
GetRegKeyValue32
SzLastChar
DoesFileExist
DriveNumToRootPath
GetVersionNthField
FLanguageMismatchInf
GetSectionKeyVersion
GetVersionOfFile
AddSectionKeyFileToCopyList
GetSectionKeyFilename
CbStrCopyToBuffer
HandleOOM
GetSectionKeySize
DeleteProgmanItem

kernel32

LCMapStringA
GetCommandLineA
SetStdHandle
FlushFileBuffers
SetFilePointer
VirtualAlloc
GetVersion
lstrcmpiA
lstrcpyA
CloseHandle
WaitForSingleObject
CreateProcessA
GetShortPathNameA
GetCurrentProcess
GetLastError
GetCurrentThread
lstrlenA
lstrcatA
DeleteFileA
GetDiskFreeSpaceA
SetErrorMode
GetLocaleInfoW
GetLocaleInfoA
LCMapStringW
TlsFree
TlsAlloc
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
HeapAlloc
HeapFree
WriteFile
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
GetEnvironmentStrings
LoadLibraryA
GetProcAddress
GetModuleHandleA
WideCharToMultiByte
GetStringTypeA
GetStringTypeW
MultiByteToWideChar
ExitProcess
TerminateProcess
GetCurrentThreadId
TlsSetValue
FreeEnvironmentStringsA
FreeEnvironmentStringsW
SetLastError
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP

user32

CharPrevA
CharUpperBuffA
CharNextA
wsprintfA
LoadCursorA
SetCursor
MessageBoxA

advapi32

RegQueryValueExA
OpenProcessToken
GetTokenInformation
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
OpenThreadToken
RegCloseKey
AllocateAndInitializeSid
EqualSid
FreeSid
RegOpenKeyA
RegQueryValueA

Exports

Exports

DelProgmanItem
Detect95
DetectAdminPrivileges
DetectRegData
DoMessageBox
ExecutePostSetupCommand
GetPathFromReg
InstallSys16PermFile
NeverRemoveGroup
RemoveHelpAuxFile
Silence16BitDSNConversion
SzGetDatadefVer

Sections

.text
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
calc.ico
help.ico
��1.DBF
��ʦ��~1.EXE
.exe windows:4 windows x86 arch:x86

208bd77ce42c2f2815c3279bdb7a44d9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__set_app_type
__p__fmode
_adjust_fdiv
_controlfp
_access
__p__commode
__setusermatherr
_initterm
__getmainargs
__p__acmdln
exit
_XcptFilter
_exit
_mbschr
strtok
_mbsicmp
_mbsrchr
_mbsncpy
_pctype
_isctype
__mb_cur_max
_except_handler3

kernel32

GetStartupInfoA
GetModuleHandleA
_llseek
_lread
_lopen
_lclose
GetModuleFileNameA
LoadLibraryA
GetProcAddress
GetCurrentDirectoryA
GetSystemDirectoryA
lstrcatA
lstrcpyA

user32

wsprintfA
MessageBoxA
LoadStringA

advapi32

RegQueryValueA
RegOpenKeyA
RegCloseKey

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
教师考核计算系统2.0/SETUP2.CAB
.cab
教师考核计算系统2.0/odbckey.inf
教师考核计算系统2.0/odbcstf.dll
.dll windows:4 windows x86 arch:x86

33fa7ded9bb1e257c02160cf3f709998

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetSystemDirectoryA
GetModuleHandleW
GetModuleFileNameA
GetProcAddress
LocalFree
LocalUnlock
GetCurrentProcess
WaitForSingleObject
CreateProcessA
LoadLibraryA
MoveFileExA
CloseHandle
GetFileSize
FreeLibrary
CreateFileA
GetPrivateProfileStringA
GetLastError
LocalAlloc
LocalLock
GetVersion
FormatMessageA

advapi32

OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyExA
RegCloseKey

user32

ExitWindowsEx
wsprintfA
GetDesktopWindow
MessageBoxA

msvcrt

_open
free
_stricmp
malloc
_spawnlp
sprintf
sscanf
_close
exit
_access
strchr
strstr
fclose
fflush
fprintf
fopen
getenv

mssetup

CbGetSymbolValue
ForceRestartOn
RestartListEmpty

Exports

Exports

AcmeComplianceCheck
AcmeConfigDataSource
AcmeDetectFileInUse
AcmeDetectOS
AcmeDllRegisterServer
AcmeInstallDriver
AcmeInstallDriverManager
AcmeInstallTranslator
AcmeManageDataSources
AcmeReboot
AsyncEXECalloutCAH
LibMain
NoAdminSyncEXECallout
SyncEXECalloutCAH
SyncEXECalloutCAH1
SzGetDatadefVer

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 844B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
教师考核计算系统2.0/setup.exe
教师考核计算系统2.0/setup.inf
教师考核计算系统2.0/setup.ini
教师考核计算系统2.0/setup.lst
教师考核计算系统2.0/setup.stf
教师考核计算系统2.0/setup.tdf

Sharing

General

Malware Config

Signatures

Files

d057661fa0c57da4e10eca58cdf1dc72

Headers

File Characteristics

Imports

kernel32

advapi32

user32

gdi32

ole32

mpr

mssetup

version

shell32

Sections

.text Size: 207KB - Virtual size: 207KB

.bss Size: - Virtual size: 2KB

.rdata Size: 10KB - Virtual size: 10KB

.data Size: 28KB - Virtual size: 28KB

.idata Size: 10KB - Virtual size: 9KB

.edata Size: 512B - Virtual size: 53B

.rsrc Size: 87KB - Virtual size: 88KB

.reloc Size: 17KB - Virtual size: 16KB

28b659576236be75a4bbcbfa9113e470

Headers

File Characteristics

Imports

ole32

user32

gdi32

kernel32

Exports

Exports

Sections

.text Size: 104KB - Virtual size: 100KB

.data Size: 20KB - Virtual size: 25KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 5KB

500ff1538958cc73738bf0c262a1773f

Headers

File Characteristics

Imports

kernel32

user32

Sections

1626829 Size: 4KB - Virtual size: 8KB

2263812 Size: 1KB - Virtual size: 4KB

3760357 Size: 512B - Virtual size: 4KB

.rsrc Size: 8KB - Virtual size: 8KB

.data Size: 5KB - Virtual size: 8KB

Headers

File Characteristics

Exports

Exports

Sections

.text Size: 512B - Virtual size: 251B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 8B

f3b41576a6979ef1dbcb2ca79384ac19

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

Sections

.text Size: 14KB - Virtual size: 14KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 1KB - Virtual size: 2KB

.rsrc Size: 5KB - Virtual size: 8KB

.xur Size: - Virtual size: 1B

2feb96aed7c08ac62ffbb4f88a439a9c

Headers

File Characteristics

.text
Size: 207KB - Virtual size: 207KB

.bss
Size: - Virtual size: 2KB

.rdata
Size: 10KB - Virtual size: 10KB

.data
Size: 28KB - Virtual size: 28KB

.idata
Size: 10KB - Virtual size: 9KB

.edata
Size: 512B - Virtual size: 53B

.rsrc
Size: 87KB - Virtual size: 88KB

.reloc
Size: 17KB - Virtual size: 16KB

.text
Size: 104KB - Virtual size: 100KB

.data
Size: 20KB - Virtual size: 25KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 5KB

1626829
Size: 4KB - Virtual size: 8KB

2263812
Size: 1KB - Virtual size: 4KB

3760357
Size: 512B - Virtual size: 4KB

.rsrc
Size: 8KB - Virtual size: 8KB

.data
Size: 5KB - Virtual size: 8KB

.text
Size: 512B - Virtual size: 251B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 8B

.text
Size: 14KB - Virtual size: 14KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 1KB - Virtual size: 2KB

.rsrc
Size: 5KB - Virtual size: 8KB

.xur
Size: - Virtual size: 1B

.text
Size: 1024B - Virtual size: 652B

.orpc
Size: 512B - Virtual size: 52B

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 148B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 210B

.text
Size: 32KB - Virtual size: 31KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 18KB

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 3KB

.text
Size: 15KB - Virtual size: 14KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 5KB - Virtual size: 9KB

.rsrc
Size: 6KB - Virtual size: 5KB

.text
Size: 373KB - Virtual size: 373KB

.rdata
Size: 40KB - Virtual size: 39KB

.data
Size: 10KB - Virtual size: 16KB

.rsrc
Size: 83KB - Virtual size: 82KB

.reloc
Size: 22KB - Virtual size: 22KB

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3
Certificate

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9d
Certificate