2dd35c7ea76ee3b940fdcaebff7e3bc6_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2dd35c7ea76ee3b940fdcaebff7e3bc6_JaffaCakes118
Size

3.6MB
MD5

2dd35c7ea76ee3b940fdcaebff7e3bc6
SHA1

144116c5ad9c4dff0ddbc32adb8183bf2bcbc267
SHA256

d6a0f2af240a019f47dca0b50428b38e30b7e0bc7583a051745c9215ec1e6b87
SHA512

e1ae05fd69ed59366d3b731c4f8f07dec431634757adb14ec0e03932e897bcb64445f31b1859af5c73fbbb18d1d62f42c38ac738f7842ff7c13d7201298b46a5
SSDEEP

98304:VhvMgNxutKLlDHmLb6Ac7fwTZVKI7dG1STXYGEF:TE4xg6la6Ac7fsBbYGEF

Score

3^/10

Malware Config

Signatures

Unsigned PE 12 IoCs

Checks for missing Authenticode signature.

resource
2dd35c7ea76ee3b940fdcaebff7e3bc6_JaffaCakes118
unpack002/$PLUGINSDIR/GetVersion.dll
unpack002/$PLUGINSDIR/LangDLL.dll
unpack002/$PLUGINSDIR/NSISCallURL.dll
unpack002/$PLUGINSDIR/System.dll
unpack002/$PLUGINSDIR/nsDialogs.dll
unpack002/PCOptProCtxMenu.dll
unpack002/xmllite.dll
unpack001/$TEMP/PCOptimizerProSetup_STD64.exe
unpack003/$PLUGINSDIR/System.dll
unpack003/$PLUGINSDIR/nsDialogs.dll
unpack003/PCOptimizerPro.exe

NSIS installer 6 IoCs

installer

resource	yara_rule
sample	nsis_installer_1
sample	nsis_installer_2
static1/unpack001/$TEMP/PCOptimizerProSetup_STD.exe	nsis_installer_1
static1/unpack001/$TEMP/PCOptimizerProSetup_STD.exe	nsis_installer_2
static1/unpack001/$TEMP/PCOptimizerProSetup_STD64.exe	nsis_installer_1
static1/unpack001/$TEMP/PCOptimizerProSetup_STD64.exe	nsis_installer_2

Files

2dd35c7ea76ee3b940fdcaebff7e3bc6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

099c0646ea7282d232219f8807883be0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
SetFileTime
GetTempPathA
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetWindowsDirectoryA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$TEMP/PCOptimizerProSetup_STD.exe
.exe windows:4 windows x86 arch:x86

099c0646ea7282d232219f8807883be0

Code Sign

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

07/06/2005, 08:09

Not After

30/05/2020, 10:48

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10/05/2010, 00:00

Not After

10/05/2015, 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bb
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

24/08/2011, 00:00

Not After

30/05/2020, 10:48

Subject

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

b8:36:bb:5e:bc:9f:be:e7:ac:39:b7:d5:77:d1:ec:85
Certificate

Issuer

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

24/10/2011, 00:00

Not After

23/10/2013, 23:59

Subject

CN=Xportsoft Technologies,OU=Admin,O=Xportsoft Technologies,POSTALCODE=133001,STREET=Kardhan Road+STREET=Near Gugga Maadi\, Kohjkipur,L=Ambala Cantt,ST=Haryana,C=IN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

d4:7f:21:c7:94:38:5c:7b:30:b3:57:51:29:3a:ea:2f:4a:fe:a8:83
Signer

Actual PE Digest

d4:7f:21:c7:94:38:5c:7b:30:b3:57:51:29:3a:ea:2f:4a:fe:a8:83

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
SetFileTime
GetTempPathA
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetWindowsDirectoryA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 88KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/GetVersion.dll
.dll windows:4 windows x86 arch:x86

5e41893d1528e7648e03f81030aca366

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
lstrcmpiA
GetSystemInfo
GlobalAlloc
lstrcpynA
GetModuleHandleA
lstrcatA
GetVersionExA

user32

wsprintfA
GetSystemMetrics

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

Exports

Exports

WindowsName
WindowsPlatformArchitecture
WindowsPlatformId
WindowsServerName
WindowsServicePack
WindowsServicePackBuild
WindowsServicePackMajor
WindowsServicePackMinor
WindowsType
WindowsVersion

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 374B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/LangDLL.dll
.dll windows:4 windows x86 arch:x86

9b6b6a7858e17fb0b17e1c1428330343

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalFree
GetACP
lstrlenA
lstrcmpA
lstrcpynA
GetModuleHandleA
MulDiv
lstrcpyA
GlobalAlloc

user32

SetWindowTextA
SetDlgItemTextA
SendDlgItemMessageA
EndDialog
DialogBoxParamA
LoadIconA
SendMessageA
ShowWindow
GetDC

gdi32

CreateFontIndirectA
GetDeviceCaps
DeleteObject

Exports

Exports

LangDialog

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 697B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 320B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/NSISCallURL.dll
.dll windows:5 windows x86 arch:x86

4aa6b52bb41a549bea76a6086cfda996

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

g:\Dev\Our Products\NSISCallURL\Release\NSISCallURL.pdb

Imports

wininet

InternetCloseHandle
InternetReadFile
InternetOpenUrlA
InternetOpenA

kernel32

GetCommandLineA
HeapAlloc
HeapFree
RtlUnwind
RaiseException
VirtualAlloc
HeapReAlloc
Sleep
ExitProcess
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetACP
IsValidCodePage
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetOEMCP
GetCPInfo
CreateFileA
GetCurrentProcess
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GlobalFindAtomA
lstrcmpW
GlobalFlags
WritePrivateProfileStringA
GlobalGetAtomNameA
InterlockedIncrement
GetModuleHandleW
SetErrorMode
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
InterlockedDecrement
GetModuleFileNameW
GetCurrentProcessId
GlobalAddAtomA
CloseHandle
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesA
GetModuleFileNameA
GetLocaleInfoA
LoadLibraryA
CompareStringA
InterlockedExchange
lstrcmpA
FreeLibrary
GetModuleHandleA
GetProcAddress
GetLastError
SetLastError
GlobalLock
GlobalUnlock
MultiByteToWideChar
lstrlenA
lstrcpynA
GlobalAlloc
GlobalFree
lstrcpyA
LocalFree
FormatMessageA
FindResourceA
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
GetVersionExA
GetEnvironmentStrings

user32

DestroyMenu
ShowWindow
RegisterWindowMessageA
LoadIconA
WinHelpA
GetCapture
GetClassLongA
SetPropA
GetPropA
RemovePropA
IsWindow
GetForegroundWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetForegroundWindow
GetClientRect
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowLongA
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindow
GetDlgCtrlID
GetWindowRect
GetClassNameA
PtInRect
SetWindowTextA
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetWindowTextA
LoadCursorA
GetSystemMetrics
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
UnregisterClassA
UnhookWindowsHookEx
GetWindowThreadProcessId
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxA
SetCursor
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
GetFocus
GetParent
SendMessageA
ModifyMenuA
EnableMenuItem
CheckMenuItem
PostMessageA
PostQuitMessage
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
CopyRect
SetMenu

gdi32

DeleteDC
GetStockObject
ExtTextOutA
SetWindowExtEx
ScaleWindowExtEx
TextOutA
RectVisible
PtVisible
ScaleViewportExtEx
SetViewportExtEx
Escape
OffsetViewportOrgEx
SetViewportOrgEx
SaveDC
CreateBitmap
GetDeviceCaps
DeleteObject
GetClipBox
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SelectObject

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shlwapi

PathFindFileNameA
PathFindExtensionA

oleaut32

VariantClear
VariantInit
VariantChangeType

netapi32

NetApiBufferFree
NetWkstaTransportEnum

ws2_32

WSAStartup
gethostname
gethostbyname
inet_ntoa
WSACleanup

Exports

Exports

get
head

Sections

.text
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

2017f2acbdaa42ab3e4adeb8b4c37e7b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/modern-wizard.bmp
$PLUGINSDIR/nsDialogs.dll
.dll windows:4 windows x86 arch:x86

1e2884056e655f2b7bc5a904e352fc80

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpyA
GetFileAttributesA
lstrcmpiA
MulDiv
lstrlenA
HeapFree
GetCurrentDirectoryA
HeapAlloc
HeapReAlloc
GlobalFree
lstrcpynA
GlobalAlloc
GetProcessHeap
SetCurrentDirectoryA

user32

GetPropA
DestroyWindow
CallWindowProcA
SetCursor
LoadCursorA
RemovePropA
CharPrevA
GetWindowLongA
DrawTextA
GetWindowTextA
GetDlgItem
SetWindowLongA
SetWindowPos
CreateDialogParamA
MapWindowPoints
GetWindowRect
SetPropA
CreateWindowExA
IsWindow
SetTimer
KillTimer
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
ShowWindow
wsprintfA
MapDialogRect
GetClientRect
CharNextA
SendMessageA
DrawFocusRect

gdi32

SetTextColor

shell32

SHBrowseForFolderA
SHGetPathFromIDListA

comdlg32

GetSaveFileNameA
GetOpenFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

Create
CreateControl
CreateItem
CreateTimer
GetUserData
KillTimer
OnBack
OnChange
OnClick
OnNotify
SelectFileDialog
SelectFolderDialog
SetRTL
SetUserData
Show

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Languages/DE.xml
Languages/EN.xml
.xml
Languages/ES.xml
Languages/FR.xml
Languages/IT.xml
PCOptProCtxMenu.dll
.dll regsvr32 windows:5 windows x86 arch:x86

c1f1146998bcf1749c14f104c254cd97

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

g:\DEV_VC\PC Optimizer Pro\PCOptProCtxMenu\Release\PCOptProCtxMenu.pdb

Imports

kernel32

InitializeCriticalSectionAndSpinCount
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
CreateFileA
OpenEventA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
SetHandleCount
IsValidCodePage
GetCPInfo
GetOEMCP
GetACP
VirtualFree
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
HeapAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetSystemInfo
VirtualAlloc
OutputDebugStringW
GetFileType
WriteConsoleW
OutputDebugStringA
GetStdHandle
DebugBreak
GetModuleFileNameA
ExitProcess
GetCommandLineA
IsBadReadPtr
HeapValidate
RtlUnwind
FlushFileBuffers
SetFilePointer
WriteFile
GetCurrentProcess
LoadLibraryA
GlobalFindAtomW
GetVersionExA
lstrlenA
GetAtomNameW
GlobalGetAtomNameW
GetModuleHandleA
CompareStringW
GlobalFlags
WritePrivateProfileStringW
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
GlobalFree
FormatMessageW
LocalFree
SetLastError
GetCurrentProcessId
GlobalAddAtomW
SetEvent
CloseHandle
InterlockedExchange
WideCharToMultiByte
lstrcmpW
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
GetCurrentThread
GetCurrentThreadId
GetLocaleInfoW
LoadLibraryW
ConvertDefaultLocale
EnumResourceLanguagesW
Sleep
LeaveCriticalSection
EnterCriticalSection
lstrcpyW
LockResource
GlobalLock
GlobalUnlock
lstrcpynW
lstrcpynA
GetThreadLocale
SetThreadLocale
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
FreeLibrary
GetModuleFileNameW
lstrcmpiW
GetModuleHandleW
GetProcAddress
GetLastError
RaiseException
lstrlenW
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection

user32

PtInRect
InflateRect
GetClipboardFormatNameA
ReleaseCapture
SetRectEmpty
ShowWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
SetFocus
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
WinHelpW
TrackPopupMenu
GetClassLongW
SetPropW
GetPropW
CallWindowProcW
RemovePropW
DefWindowProcW
SetMenu
GetMenu
GetMessageTime
GetMessagePos
SetWindowLongW
SetWindowPos
IntersectRect
SystemParametersInfoA
GetWindowPlacement
RegisterWindowMessageW
DestroyWindow
GetDlgItem
DestroyMenu
LoadAcceleratorsW
LoadIconW
LoadCursorW
GetForegroundWindow
SetForegroundWindow
GetTopWindow
GetCapture
SetActiveWindow
GetActiveWindow
ShowOwnedPopups
IsWindowVisible
InvalidateRect
UpdateWindow
ReleaseDC
GetWindowDC
GetDC
ScreenToClient
MapWindowPoints
GetClientRect
BringWindowToTop
IsIconic
GetDesktopWindow
GetWindowTextW
SetWindowTextW
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
GetClassNameW
UnregisterClassW
UnhookWindowsHookEx
LoadMenuW
ModifyMenuW
InsertMenuItemW
GetMenuItemInfoW
EnableMenuItem
CheckMenuItem
CreatePopupMenu
GrayStringW
DrawTextExW
FillRect
GetSysColorBrush
IsMenu
GetMenuItemCount
GetSubMenu
GetMenuState
GetMenuItemID
MessageBoxW
GetWindowLongW
GetParent
GetLastActivePopup
IsWindowEnabled
EnableWindow
GetWindowThreadProcessId
SetCursor
GetKeyState
CharNextW
InsertMenuW
DrawTextW
OffsetRect
CallNextHookEx
PeekMessageW
GetCursorPos
SetWindowsHookExW
ValidateRect
GetMessageW
TranslateMessage
DispatchMessageW
GetMenuCheckMarkDimensions
LoadBitmapW
SetMenuItemBitmaps
GetFocus
GetSystemMetrics
DrawIconEx
SetRect
GetIconInfo
CopyRect
GetSysColor
SendMessageW
FindWindowExW
SystemParametersInfoW
ReuseDDElParam
TranslateAcceleratorW
UnpackDDElParam
GetClipboardFormatNameW
PostQuitMessage
TabbedTextOutW
PostMessageW
IsWindow

gdi32

PtVisible
RectVisible
CreateBitmap
GetDeviceCaps
GetStockObject
GetObjectType
SetBkMode
GetTextExtentPoint32W
DeleteObject
DeleteDC
SelectObject
CreateCompatibleDC
ExtTextOutW
GetObjectW
SetBkColor
SetTextColor
CreateSolidBrush
CreatePatternBrush
CreateFontIndirectW
CreateCompatibleBitmap
BitBlt
GetPixel
TextOutW
Escape
SaveDC
RestoreDC
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox

advapi32

OpenThreadToken
SetThreadToken
RegOpenKeyW
RegEnumKeyW
RegQueryValueW
RevertToSelf
RegQueryValueExW
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW

shell32

DragFinish
DragQueryFileW
SHGetFileInfoW
ShellExecuteW

ole32

ReleaseStgMedium
StringFromGUID2
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance
StringFromCLSID

oleaut32

VariantClear
VariantInit
VariantChangeType
LoadRegTypeLi
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysStringLen
SysFreeString

shlwapi

PathFindExtensionW
PathFindFileNameW
PathFileExistsW

oleacc

LresultFromObject
CreateStdAccessibleObject

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 379KB - Virtual size: 379KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PCOptProTrays.exe
.exe windows:5 windows x86 arch:x86

ec6dfdfc5176d8ca88237f360cb06851

Code Sign

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

07/06/2005, 08:09

Not After

30/05/2020, 10:48

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10/05/2010, 00:00

Not After

10/05/2015, 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bb
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

24/08/2011, 00:00

Not After

30/05/2020, 10:48

Subject

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

b8:36:bb:5e:bc:9f:be:e7:ac:39:b7:d5:77:d1:ec:85
Certificate

Issuer

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

24/10/2011, 00:00

Not After

23/10/2013, 23:59

Subject

CN=Xportsoft Technologies,OU=Admin,O=Xportsoft Technologies,POSTALCODE=133001,STREET=Kardhan Road+STREET=Near Gugga Maadi\, Kohjkipur,L=Ambala Cantt,ST=Haryana,C=IN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

13:72:2e:94:70:60:12:e8:8d:7b:57:7e:ae:80:de:9b:56:c0:88:c8
Signer

Actual PE Digest

13:72:2e:94:70:60:12:e8:8d:7b:57:7e:ae:80:de:9b:56:c0:88:c8

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

G:\DEV_VC\PC Optimizer Pro\Release\PCOptProTrays.pdb

Imports

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

wininet

InternetOpenUrlW
InternetOpenW
InternetReadFile
InternetCloseHandle

xmllite

CreateXmlReader

kernel32

TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
RtlUnwind
HeapReAlloc
SetStdHandle
GetFileType
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
ExitProcess
HeapSize
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetStartupInfoW
SetHandleCount
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
LCMapStringW
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
LCMapStringA
GetStringTypeA
GetStringTypeW
CreateFileA
SetEnvironmentVariableA
GetTickCount
WritePrivateProfileStringW
SetErrorMode
GetFileTime
GetFileSizeEx
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
InterlockedIncrement
GlobalFlags
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
CompareStringA
InterlockedExchange
lstrlenA
lstrcmpA
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
lstrcmpW
GetVersionExA
RaiseException
GetFullPathNameW
GetVolumeInformationW
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetThreadLocale
InterlockedDecrement
GetModuleHandleW
GetCurrentProcessId
MulDiv
GetModuleHandleA
SetLastError
FreeResource
WideCharToMultiByte
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
Sleep
CreateMutexW
FreeLibrary
GetProcAddress
LoadLibraryW
GetModuleFileNameW
LocalFree
FormatMessageW
MultiByteToWideChar
GetFileSize
lstrlenW
FileTimeToSystemTime
FileTimeToLocalFileTime
FindClose
FindFirstFileW
GetFileAttributesW
GetVersionExW
CloseHandle
CreateFileW
GetLastError
GetCurrentProcess
LockResource
SizeofResource
LoadResource
FindResourceW
GetCommandLineW

user32

SetPropW
GetPropW
RemovePropW
GetFocus
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
SetActiveWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
SetForegroundWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
EqualRect
DefWindowProcW
CallWindowProcW
GetMenu
IntersectRect
SystemParametersInfoA
GetWindowPlacement
RegisterWindowMessageW
PostMessageW
CharUpperW
UnhookWindowsHookEx
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetWindowThreadProcessId
GetWindowLongW
GetLastActivePopup
GetNextDlgGroupItem
MessageBoxW
GetWindowDC
ReleaseDC
GetDC
ScreenToClient
GrayStringW
DrawTextExW
DrawTextW
CopyRect
GetCursorPos
SetWindowLongW
IsWindowVisible
LoadCursorW
SetWindowPos
GetDlgCtrlID
GetWindow
MoveWindow
AdjustWindowRectEx
ClientToScreen
EndPaint
BeginPaint
GetSystemMetrics
IsIconic
LoadIconW
GetKeyState
GetAsyncKeyState
SetCapture
PtInRect
FillRect
SetTimer
KillTimer
IsWindow
SendMessageW
ReleaseCapture
RegisterClipboardFormatW
SetCursor
OffsetRect
DestroyMenu
GetClientRect
UpdateWindow
InvalidateRect
GetParent
RedrawWindow
GetSysColor
EnableWindow
GetWindowRect
SystemParametersInfoW
DispatchMessageW
TranslateMessage
IsDialogMessageW
PeekMessageW
LoadBitmapW
SetWindowContextHelpId
MapDialogRect
CharNextW
InvalidateRgn
SetRect
IsRectEmpty
CopyAcceleratorTableW
UnregisterClassW
GetSysColorBrush
PostThreadMessageW
TabbedTextOutW
MessageBeep
PostQuitMessage
GetMessageW
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
ShowWindow
SetWindowTextW
SendDlgItemMessageW
GetClassNameW
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
IsWindowEnabled
GetClassLongW
SendDlgItemMessageA

gdi32

DeleteDC
SetTextColor
SetBkMode
SetBkColor
TextOutW
SaveDC
RestoreDC
SetMapMode
GetClipBox
SetTextAlign
GetViewportExtEx
SelectObject
PtVisible
RectVisible
Escape
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
GetTextExtentPointA
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreateBitmap
GetDeviceCaps
CreateRectRgnIndirect
GetMapMode
DPtoLP
GetRgnBox
GetBkColor
GetTextColor
ExtTextOutW
CreateFontW
GetStockObject
SetViewportOrgEx
GetViewportOrgEx
DeleteObject
CreateSolidBrush
CreateFontIndirectW
GetTextMetricsA
GetObjectW
GetWindowExtEx

comdlg32

GetFileTitleW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegCreateKeyExW
RegDeleteKeyW
RegOpenKeyW
RegQueryValueW
RegSetValueExW
RegEnumKeyW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW

shell32

ShellExecuteW

shlwapi

PathRemoveFileSpecW
PathFileExistsW
PathAppendW
PathStripToRootW
PathIsUNCW
PathFindExtensionW
SHCreateStreamOnFileW
PathFindFileNameW

oledlg

OleUIBusyW

ole32

CoTaskMemAlloc
CoTaskMemFree
CreateStreamOnHGlobal
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CLSIDFromProgID
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject

oleaut32

VariantCopy
VariantChangeType
SysAllocStringLen
SysAllocString
DispCallFunc
LoadRegTypeLi
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetElemsize
SafeArrayCreate
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect
SysStringLen
VariantClear
SysFreeString
VariantInit

Sections

.text
Size: 307KB - Virtual size: 307KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PCOptimizerPro.exe
.exe windows:5 windows x86 arch:x86

5897f21e7098290c3704bfc539d451c4

Code Sign

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

07/06/2005, 08:09

Not After

30/05/2020, 10:48

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10/05/2010, 00:00

Not After

10/05/2015, 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bb
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

24/08/2011, 00:00

Not After

30/05/2020, 10:48

Subject

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

b8:36:bb:5e:bc:9f:be:e7:ac:39:b7:d5:77:d1:ec:85
Certificate

Issuer

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

24/10/2011, 00:00

Not After

23/10/2013, 23:59

Subject

CN=Xportsoft Technologies,OU=Admin,O=Xportsoft Technologies,POSTALCODE=133001,STREET=Kardhan Road+STREET=Near Gugga Maadi\, Kohjkipur,L=Ambala Cantt,ST=Haryana,C=IN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

63:10:f2:76:03:68:ab:24:5a:30:14:c4:16:df:c9:83:c4:8d:e0:6b
Signer

Actual PE Digest

63:10:f2:76:03:68:ab:24:5a:30:14:c4:16:df:c9:83:c4:8d:e0:6b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

G:\DEV_VC\PC Optimizer Pro\Release\PCOptimizerPro.pdb

Imports

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

winmm

waveOutGetNumDevs
waveOutGetDevCapsW

mpr

WNetGetUserW

wininet

InternetCloseHandle
InternetOpenW
InternetOpenUrlW
InternetReadFile

xmllite

CreateXmlReader

iphlpapi

GetAdaptersInfo

kernel32

GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
GlobalFlags
SetErrorMode
GetStartupInfoW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
ExitThread
CreateThread
RtlUnwind
HeapReAlloc
SetStdHandle
GetFileType
VirtualAlloc
ExitProcess
HeapSize
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetStartupInfoA
HeapCreate
VirtualFree
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetTimeFormatA
GetDateFormatA
GetTimeZoneInformation
LCMapStringW
GetConsoleCP
GetConsoleMode
GetCurrentDirectoryA
LCMapStringA
InitializeCriticalSectionAndSpinCount
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
GetDriveTypeA
SetEnvironmentVariableA
WritePrivateProfileStringW
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
CompareStringA
InterlockedExchange
lstrlenA
lstrcmpA
GetFileTime
GetFileSizeEx
GetFullPathNameW
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetThreadLocale
VirtualProtect
SetThreadPriority
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
lstrcmpW
GetVersionExA
TlsGetValue
GetCurrentProcessId
InterlockedDecrement
ReadFile
SetFilePointer
GetFileInformationByHandle
GetSystemInfo
GetComputerNameW
GlobalMemoryStatus
GetVolumeInformationW
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
InterlockedIncrement
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
GetCurrentThread
Process32NextW
TerminateProcess
Process32FirstW
CreateToolhelp32Snapshot
OpenProcess
lstrcpyW
WinExec
lstrcatW
LoadLibraryExW
ResetEvent
SetEvent
FreeResource
ResumeThread
MulDiv
CreateEventW
SuspendThread
WideCharToMultiByte
GetTickCount
GetLocalTime
SystemTimeToFileTime
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
OutputDebugStringW
GlobalMemoryStatusEx
CreateMutexW
CreateDirectoryW
RaiseException
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
FlushInstructionCache
LocalFree
FormatMessageW
FreeLibrary
SetLastError
GetUserDefaultLangID
LoadLibraryW
GetFileSize
CopyFileW
FindNextFileW
FileTimeToSystemTime
FileTimeToLocalFileTime
FindClose
GetFileAttributesW
GetVersion
GetProcAddress
GetModuleHandleW
GetDiskFreeSpaceExW
GetCurrentDirectoryW
GetWindowsDirectoryW
GetSystemDirectoryW
GetModuleFileNameW
QueryPerformanceFrequency
QueryPerformanceCounter
GetSystemTime
GetVersionExW
GetCurrentProcess
WriteFile
MultiByteToWideChar
GetLastError
MoveFileExW
SetFileAttributesW
Sleep
FindFirstFileW
CloseHandle
CreateFileW
GetDriveTypeW
ExpandEnvironmentStringsW
MoveFileW
WaitForSingleObject
DeleteFileW
RemoveDirectoryW
lstrlenW
FindResourceW
LoadResource
LockResource
SizeofResource
GetModuleHandleA
LocalAlloc
InterlockedCompareExchange
IsProcessorFeaturePresent
VirtualQuery

user32

ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
CheckMenuItem
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
GetTopWindow
GetMessageTime
MapWindowPoints
GetKeyState
SetMenu
GetScrollRange
SetScrollPos
GetScrollPos
UnregisterClassA
GetClassInfoW
RegisterClassW
EqualRect
SetScrollInfo
GetMenu
SystemParametersInfoA
GetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
GetNextDlgTabItem
EndDialog
IntersectRect
GetWindowTextLengthW
GetWindowTextW
GetFocus
SetWindowPos
SetFocus
ShowWindow
SetWindowTextW
SendDlgItemMessageW
GetDlgItem
GetWindowThreadProcessId
GetLastActivePopup
IsWindowEnabled
UnhookWindowsHookEx
GetMenuState
GetMessageW
GetMenuItemID
GetMenuItemCount
IsWindowVisible
GetKeyboardType
EnumDisplayDevicesW
ExitWindowsEx
GetDlgCtrlID
GetWindow
AdjustWindowRectEx
ClientToScreen
EndPaint
BeginPaint
GetWindowPlacement
EnumDisplaySettingsW
FindWindowExW
WaitForInputIdle
MessageBoxW
ScreenToClient
DestroyCursor
SetLayeredWindowAttributes
EnableMenuItem
ModifyMenuW
SetActiveWindow
DrawIcon
IsIconic
MoveWindow
FindWindowW
GetIconInfo
FrameRect
CreateWindowExW
GetClassInfoExW
RegisterClassExW
GetDesktopWindow
GetMenuDefaultItem
TrackPopupMenu
SetForegroundWindow
GetCursorPos
LoadImageW
CreateIconIndirect
GetSystemMetrics
LoadMenuW
SetMenuDefaultItem
GetSubMenu
DestroyIcon
RegisterWindowMessageW
CallWindowProcW
DefWindowProcW
GetWindowLongW
SetWindowLongW
GetAsyncKeyState
MapDialogRect
CharUpperW
WindowFromPoint
DestroyMenu
PostQuitMessage
SetWindowContextHelpId
GetSysColorBrush
UnregisterClassW
CopyAcceleratorTableW
IsRectEmpty
InvalidateRgn
CharNextW
IsWindow
SetCapture
ReleaseCapture
GetWindowRect
CopyIcon
GrayStringW
DrawTextExW
TabbedTextOutW
DrawEdge
GetNextDlgGroupItem
MessageBeep
PostThreadMessageW
RegisterClipboardFormatW
UpdateWindow
GetScrollInfo
PtInRect
OffsetRect
SetRectEmpty
GetParent
PostMessageW
ReleaseDC
GetDC
RedrawWindow
DispatchMessageW
TranslateMessage
IsDialogMessageW
PeekMessageW
LoadCursorW
SetCursor
SetWindowRgn
InflateRect
InvalidateRect
DrawTextW
SetRect
DrawFocusRect
GetSysColor
CopyRect
KillTimer
LoadIconW
SetTimer
LoadBitmapW
FillRect
GetClientRect
EnableWindow
SendMessageW
GetMessagePos
GetWindowDC

gdi32

CreateRectRgnIndirect
GetRgnBox
GetCurrentObject
GetTextExtentPointA
GetTextMetricsA
SelectClipRgn
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetTextAlign
GetClipBox
SetMapMode
GetStockObject
SetTextColor
GetTextColor
GetTextMetricsW
CreateCompatibleBitmap
BitBlt
SelectObject
CreateDIBSection
DeleteObject
DeleteDC
StretchBlt
GetObjectW
CreateCompatibleDC
CreateSolidBrush
SetTextJustification
SetBkColor
SetBkMode
LineTo
MoveToEx
GetTextAlign
CreateBitmap
FrameRgn
SetViewportOrgEx
GetViewportOrgEx
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetBkColor
DPtoLP
GetViewportExtEx
GetWindowExtEx
GetMapMode
LPtoDP
CreatePen
CreateRoundRectRgn
CreateFontW
Pie
RestoreDC
GetTextExtentPoint32W
SaveDC
GetDeviceCaps
GetCurrentPositionEx
CreateFontIndirectW
SetStretchBltMode

msimg32

TransparentBlt
AlphaBlend

comdlg32

GetFileTitleW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

OpenThreadToken
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegEnumKeyW
RegEnumValueW
RegQueryValueExW
RegSetKeySecurity
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
AddAce
InitializeAcl
RegGetKeySecurity
GetSidSubAuthority
GetSidSubAuthorityCount
GetSidIdentifierAuthority
CopySid
GetLengthSid
GetUserNameW
RegCloseKey
RegQueryValueW
FreeSid
CheckTokenMembership
AllocateAndInitializeSid
GetTokenInformation
RegDeleteValueW
RegDeleteKeyW
RegOpenKeyW
RegEnumKeyExW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegQueryInfoKeyW

shell32

SHGetFolderPathW
DragAcceptFiles
DragQueryFileW
SHGetSpecialFolderPathW
SHGetMalloc
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetDataFromIDListW
SHEmptyRecycleBinW
ShellExecuteW
Shell_NotifyIconW
ord680
SHGetFileInfoW
ShellExecuteExW

comctl32

InitCommonControlsEx
ord17
ImageList_GetImageCount
ImageList_GetIcon
_TrackMouseEvent

shlwapi

PathFileExistsW
PathIsRelativeW
PathIsRootW
PathFindOnPathW
PathIsDirectoryW
PathFindExtensionW
PathRenameExtensionW
PathRemoveFileSpecW
PathAppendW
PathCompactPathW
SHCreateStreamOnFileW
PathRemoveBlanksW
SHDeleteKeyW
PathStripToRootW
PathIsUNCW
PathFindFileNameW

oledlg

OleUIBusyW

ole32

OleIsCurrentClipboard
CreateILockBytesOnHGlobal
CoTaskMemFree
CoUninitialize
CoCreateInstance
CoInitialize
CoRegisterMessageFilter
CoInitializeEx
CLSIDFromProgID
CoTaskMemAlloc
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
CreateStreamOnHGlobal
StgCreateDocfileOnILockBytes
CoRevokeClassObject
OleFlushClipboard

oleaut32

SafeArrayDestroy
SysAllocString
VariantCopy
VariantChangeType
SysStringLen
SysAllocStringLen
VariantClear
VariantInit
OleCreateFontIndirect
OleLoadPicture
SystemTimeToVariantTime
VariantTimeToSystemTime
VarDateFromStr
SysFreeString

ws2_32

WSAStartup
gethostname
gethostbyname
inet_ntoa
WSACleanup

rpcrt4

UuidCreateSequential

netapi32

NetWkstaTransportEnum
NetApiBufferFree

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 314KB - Virtual size: 313KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11.2MB - Virtual size: 11.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 176KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
StartApps.exe
.exe windows:5 windows x86 arch:x86

bb6c4b376c3b7023439d039164ffd08d

Code Sign

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

07/06/2005, 08:09

Not After

30/05/2020, 10:48

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10/05/2010, 00:00

Not After

10/05/2015, 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bb
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

24/08/2011, 00:00

Not After

30/05/2020, 10:48

Subject

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

b8:36:bb:5e:bc:9f:be:e7:ac:39:b7:d5:77:d1:ec:85
Certificate

Issuer

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

24/10/2011, 00:00

Not After

23/10/2013, 23:59

Subject

CN=Xportsoft Technologies,OU=Admin,O=Xportsoft Technologies,POSTALCODE=133001,STREET=Kardhan Road+STREET=Near Gugga Maadi\, Kohjkipur,L=Ambala Cantt,ST=Haryana,C=IN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

fe:36:12:7f:e5:30:00:f4:b0:db:36:29:6d:b7:5a:99:de:f1:a7:8b
Signer

Actual PE Digest

fe:36:12:7f:e5:30:00:f4:b0:db:36:29:6d:b7:5a:99:de:f1:a7:8b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

G:\DEV_VC\PC Optimizer Pro\Release\StartApps.pdb

Imports

kernel32

ExitProcess
HeapReAlloc
RaiseException
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
SetUnhandledExceptionFilter
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
RtlUnwind
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
HeapFree
HeapAlloc
GetStartupInfoW
GetFileTime
GetFileSizeEx
GetFileAttributesW
FileTimeToLocalFileTime
GetTickCount
SetErrorMode
CreateFileW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
FileTimeToSystemTime
lstrlenA
GetThreadLocale
InterlockedIncrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalFlags
GetModuleHandleA
GlobalFindAtomW
GetVersionExW
CompareStringW
LoadLibraryA
GetVersionExA
InterlockedDecrement
GetCurrentProcessId
GlobalAddAtomW
CloseHandle
GetLastError
SetLastError
GlobalUnlock
FormatMessageW
LocalFree
MulDiv
lstrlenW
WritePrivateProfileStringW
FreeResource
GlobalFree
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
LoadLibraryW
WideCharToMultiByte
CompareStringA
MultiByteToWideChar
InterlockedExchange
GlobalLock
lstrcmpW
GlobalAlloc
FreeLibrary
GetModuleHandleW
GetProcAddress
GetModuleFileNameW
Sleep
FindResourceW
LoadResource
LockResource
IsDebuggerPresent
SizeofResource

user32

RegisterClipboardFormatW
PostThreadMessageW
InvalidateRect
SetRect
IsRectEmpty
CopyAcceleratorTableW
CharNextW
ReleaseCapture
LoadCursorW
SetCapture
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
IsChild
GetCapture
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SetFocus
GetWindowTextW
GetForegroundWindow
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
SetForegroundWindow
UpdateWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
PtInRect
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetMenu
SetWindowLongW
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetSysColor
DestroyMenu
CopyRect
LoadIconW
SendMessageW
UnhookWindowsHookEx
GetWindowThreadProcessId
GetLastActivePopup
MessageBoxW
SetCursor
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
IsWindowVisible
GetKeyState
PeekMessageW
GetCursorPos
UnregisterClassW
CharUpperW
GetSysColorBrush
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
IsIconic
GetSystemMetrics
GetClientRect
EnableWindow
PostMessageW
PostQuitMessage
SetWindowPos
MapDialogRect
GetParent
SetWindowContextHelpId
GetWindow
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetMenuState
EndDialog
GetNextDlgTabItem
IsWindowEnabled
GetDlgItem
GetWindowLongW
IsWindow
DestroyWindow
CreateDialogIndirectParamW
SetActiveWindow
GetActiveWindow
GetDesktopWindow
CheckMenuItem
EnableMenuItem
ModifyMenuW
GetFocus
LoadBitmapW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
ValidateRect
WinHelpW

gdi32

ExtSelectClipRgn
DeleteDC
GetStockObject
GetBkColor
GetTextColor
CreateRectRgnIndirect
GetRgnBox
GetMapMode
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
TextOutW
RectVisible
PtVisible
GetDeviceCaps
GetWindowExtEx
GetViewportExtEx
DeleteObject
SetMapMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
ExtTextOutW
GetObjectW
CreateBitmap

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW

advapi32

RegDeleteKeyW
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegCloseKey
RegSetValueExW
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW

shell32

ShellExecuteW

comctl32

InitCommonControlsEx

shlwapi

PathFileExistsW
PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathRemoveFileSpecW
PathAppendW
PathIsUNCW

oledlg

OleUIBusyW

ole32

CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
OleIsCurrentClipboard
CoTaskMemAlloc
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID
OleFlushClipboard
CoRegisterMessageFilter
CoGetClassObject

oleaut32

SysAllocStringLen
SysStringLen
VariantClear
VariantChangeType
VariantInit
OleCreateFontIndirect
VariantTimeToSystemTime
SystemTimeToVariantTime
SafeArrayDestroy
SysAllocString
VariantCopy
SysFreeString

Sections

.text
Size: 196KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
UpdatesDll_s.dll
.dll windows:5 windows x86 arch:x86

54489bbd6a8db52133ecacbff84de827

Code Sign

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

07/06/2005, 08:09

Not After

30/05/2020, 10:48

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10/05/2010, 00:00

Not After

10/05/2015, 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bb
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

24/08/2011, 00:00

Not After

30/05/2020, 10:48

Subject

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

b8:36:bb:5e:bc:9f:be:e7:ac:39:b7:d5:77:d1:ec:85
Certificate

Issuer

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

24/10/2011, 00:00

Not After

23/10/2013, 23:59

Subject

CN=Xportsoft Technologies,OU=Admin,O=Xportsoft Technologies,POSTALCODE=133001,STREET=Kardhan Road+STREET=Near Gugga Maadi\, Kohjkipur,L=Ambala Cantt,ST=Haryana,C=IN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6b:7d:16:52:7f:f6:3b:ee:ec:31:16:d9:8c:ac:ee:38:ff:d5:aa:0c
Signer

Actual PE Digest

6b:7d:16:52:7f:f6:3b:ee:ec:31:16:d9:8c:ac:ee:38:ff:d5:aa:0c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

G:\DEV_VC\PC Optimizer Pro\Release\UpdatesDll_s.pdb

Imports

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

wininet

InternetCanonicalizeUrlW
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallbackW
InternetGetLastResponseInfoW
InternetCloseHandle
InternetReadFile
InternetOpenUrlW
InternetOpenW
InternetCrackUrlW
InternetQueryOptionW
InternetQueryDataAvailable

xmllite

CreateXmlReader

kernel32

GetFileSizeEx
GetFileTime
WritePrivateProfileStringW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
ExitThread
CreateThread
HeapFree
HeapAlloc
GetCommandLineA
RaiseException
RtlUnwind
HeapReAlloc
SetStdHandle
GetFileType
HeapSize
GetStdHandle
GetModuleFileNameA
HeapCreate
HeapDestroy
VirtualFree
VirtualAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
GetTimeZoneInformation
GetLocaleInfoA
LCMapStringA
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
InterlockedIncrement
GlobalFlags
SetErrorMode
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
lstrlenA
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
InterlockedExchange
LocalAlloc
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
FileTimeToLocalFileTime
FileTimeToSystemTime
InterlockedDecrement
GetFullPathNameW
GetVolumeInformationW
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetThreadPriority
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
lstrcmpW
GetModuleHandleW
GetVersionExA
GetCurrentProcessId
GetModuleHandleA
SetLastError
FreeLibrary
GetProcAddress
LoadLibraryW
MoveFileW
lstrlenW
FindClose
FindFirstFileW
GetLastError
ExpandEnvironmentStringsW
OutputDebugStringW
ExitProcess
Sleep
SuspendThread
DeleteFileW
GetTempPathW
SetFileTime
WriteFile
CreateDirectoryW
GetFileAttributesW
WideCharToMultiByte
LocalFileTimeToFileTime
MultiByteToWideChar
GetCurrentDirectoryW
SystemTimeToFileTime
ReadFile
SetFilePointer
CreateFileW
ResetEvent
SetEvent
WaitForSingleObject
FreeResource
GlobalAlloc
ResumeThread
GlobalFree
MulDiv
GlobalUnlock
GlobalLock
CreateEventW
GetModuleFileNameW
CloseHandle
GetCurrentProcess
GetVersionExW
LocalFree
FormatMessageW
LockResource
SizeofResource
LoadResource
FindResourceW

user32

DestroyMenu
LoadCursorW
GetSysColorBrush
UnregisterClassW
PostQuitMessage
GetDesktopWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
CharUpperW
GetMessageW
TranslateMessage
GetActiveWindow
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuW
EnableMenuItem
CheckMenuItem
ShowWindow
SetWindowTextW
IsDialogMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
SetActiveWindow
DispatchMessageW
GetDlgItem
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
GetKeyState
SetMenu
SetForegroundWindow
IsWindowVisible
PostMessageW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
DefWindowProcW
CallWindowProcW
GetMenu
SetWindowLongW
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetWindowThreadProcessId
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
ScreenToClient
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
DrawIconEx
LoadIconW
FindWindowExW
MessageBoxW
LoadBitmapW
wsprintfW
GetDlgCtrlID
GetWindow
MoveWindow
AdjustWindowRectEx
DestroyWindow
ClientToScreen
EndPaint
BeginPaint
CopyRect
ReleaseDC
GetDC
SetRect
SetCapture
PtInRect
FillRect
SetTimer
KillTimer
IsWindow
SendMessageW
ReleaseCapture
SetCursor
OffsetRect
GetClientRect
UpdateWindow
InvalidateRect
GetParent
RedrawWindow
GetWindowRect
GetSysColor
EnableWindow
RegisterWindowMessageW

gdi32

OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
CreateBitmap
GetClipBox
SetMapMode
SetTextAlign
GetDeviceCaps
GetStockObject
SetViewportOrgEx
GetViewportOrgEx
DeleteObject
CreateSolidBrush
BitBlt
CreateCompatibleDC
GetObjectW
CreateFontIndirectW
SetTextColor
SetROP2
SetBkMode
SetBkColor
RestoreDC
SaveDC
Escape
ExtTextOutW
RectVisible
PtVisible
TextOutW
GetTextExtentPoint32W
GetBkColor
DPtoLP
GetMapMode
LPtoDP
CreateFontW
GetTextExtentPointA
GetTextMetricsA
CreateCompatibleBitmap
DeleteDC
SelectObject

msimg32

TransparentBlt

comdlg32

GetFileTitleW

winspool.drv

OpenPrinterW
ClosePrinter
DocumentPropertiesW

advapi32

RegSetValueExW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyW
OpenProcessToken
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
FreeSid
CheckTokenMembership
AllocateAndInitializeSid
GetTokenInformation

shell32

ShellExecuteW

comctl32

_TrackMouseEvent

shlwapi

SHCreateStreamOnFileW
PathRemoveFileSpecW
PathStripToRootW
PathIsUNCW
UrlUnescapeW
PathFindExtensionW
PathAppendW
PathFindFileNameW

ole32

CreateStreamOnHGlobal

oleaut32

OleLoadPicture
VariantClear
VariantChangeType
VariantInit

Exports

Exports

InstallUpdates
IsUpdation
ShowMainDialogFirst
StartDownload

Sections

.text
Size: 245KB - Virtual size: 245KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 320KB - Virtual size: 319KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
data.xml
.xml
uninst.exe.nsis
xmllite.dll
.dll windows:5 windows x86 arch:x86

0a795683029e5d2dae126d31806e72fe

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP
IMAGE_FILE_DLL

PDB Paths

XmlLite.pdb

Imports

msvcrt

_onexit
__dllonexit
_adjust_fdiv
malloc
_initterm
free
_purecall
wcscmp
_vsnwprintf
_ftol
memmove
wcslen
_except_handler3
wcschr

kernel32

GetCPInfo
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
VirtualQuery
RaiseException
HeapFree
HeapAlloc
GetProcessHeap
GetLastError
GetTickCount
InterlockedIncrement
InterlockedDecrement
SetUnhandledExceptionFilter
MultiByteToWideChar
WideCharToMultiByte

Exports

Exports

CreateXmlReader
CreateXmlReaderInputWithEncodingCodePage
CreateXmlReaderInputWithEncodingName
CreateXmlWriter
CreateXmlWriterOutputWithEncodingCodePage
CreateXmlWriterOutputWithEncodingName

Sections

.text
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/PCOptimizerProSetup_STD64.exe
.exe windows:4 windows x86 arch:x86

099c0646ea7282d232219f8807883be0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
SetFileTime
GetTempPathA
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetWindowsDirectoryA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 88KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

2017f2acbdaa42ab3e4adeb8b4c37e7b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/modern-wizard.bmp
$PLUGINSDIR/nsDialogs.dll
.dll windows:4 windows x86 arch:x86

1e2884056e655f2b7bc5a904e352fc80

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpyA
GetFileAttributesA
lstrcmpiA
MulDiv
lstrlenA
HeapFree
GetCurrentDirectoryA
HeapAlloc
HeapReAlloc
GlobalFree
lstrcpynA
GlobalAlloc
GetProcessHeap
SetCurrentDirectoryA

user32

GetPropA
DestroyWindow
CallWindowProcA
SetCursor
LoadCursorA
RemovePropA
CharPrevA
GetWindowLongA
DrawTextA
GetWindowTextA
GetDlgItem
SetWindowLongA
SetWindowPos
CreateDialogParamA
MapWindowPoints
GetWindowRect
SetPropA
CreateWindowExA
IsWindow
SetTimer
KillTimer
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
ShowWindow
wsprintfA
MapDialogRect
GetClientRect
CharNextA
SendMessageA
DrawFocusRect

gdi32

SetTextColor

shell32

SHBrowseForFolderA
SHGetPathFromIDListA

comdlg32

GetSaveFileNameA
GetOpenFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

Create
CreateControl
CreateItem
CreateTimer
GetUserData
KillTimer
OnBack
OnChange
OnClick
OnNotify
SelectFileDialog
SelectFolderDialog
SetRTL
SetUserData
Show

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PCOptimizerPro.exe
.exe windows:5 windows x64 arch:x64

06c56eaa78271e25e7813225e6b4a786

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

G:\DEV_VC\PC Optimizer Pro\x64\Release\PCOptimizerPro.pdb

Imports

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

winmm

waveOutGetNumDevs
waveOutGetDevCapsW

mpr

WNetGetUserW

wininet

InternetCloseHandle
InternetOpenW
InternetOpenUrlW
InternetReadFile

xmllite

CreateXmlReader

iphlpapi

GetAdaptersInfo

kernel32

GlobalHandle
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
GlobalFlags
SetErrorMode
GetStartupInfoW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetSystemTimeAsFileTime
ExitThread
CreateThread
RtlUnwindEx
RtlPcToFileHeader
HeapReAlloc
SetStdHandle
GetFileType
VirtualAlloc
VirtualQuery
ExitProcess
HeapSize
InitializeCriticalSection
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetStartupInfoA
EncodePointer
DecodePointer
FlsGetValue
FlsSetValue
FlsFree
FlsAlloc
HeapSetInformation
HeapCreate
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetDateFormatA
GetTimeFormatA
GetTimeZoneInformation
LCMapStringW
GetConsoleCP
GetConsoleMode
GetCurrentDirectoryA
LCMapStringA
InitializeCriticalSectionAndSpinCount
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
GetDriveTypeA
SetEnvironmentVariableA
TlsGetValue
LocalAlloc
WritePrivateProfileStringW
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
CompareStringA
lstrlenA
lstrcmpA
GetFileTime
GetFileSizeEx
GetFullPathNameW
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetThreadLocale
VirtualProtect
SetThreadPriority
GlobalReAlloc
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
lstrcmpW
GetVersionExA
GetCurrentProcessId
ReadFile
SetFilePointer
GetFileInformationByHandle
GetSystemInfo
GetComputerNameW
GlobalMemoryStatus
GetVolumeInformationW
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
GetCurrentThread
Process32NextW
TerminateProcess
Process32FirstW
CreateToolhelp32Snapshot
OpenProcess
lstrcpyW
WinExec
lstrcatW
LoadLibraryExW
ResetEvent
SetEvent
FreeResource
ResumeThread
MulDiv
CreateEventW
SuspendThread
WideCharToMultiByte
GetTickCount
GetLocalTime
SystemTimeToFileTime
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
OutputDebugStringW
GlobalMemoryStatusEx
CreateMutexW
CreateDirectoryW
RaiseException
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
FlushInstructionCache
LocalFree
FormatMessageW
FreeLibrary
SetLastError
GetUserDefaultLangID
LoadLibraryW
GetFileSize
CopyFileW
FindNextFileW
FileTimeToSystemTime
FileTimeToLocalFileTime
FindClose
GetFileAttributesW
GetVersion
GetProcAddress
GetModuleHandleW
GetDiskFreeSpaceExW
GetCurrentDirectoryW
GetWindowsDirectoryW
GetSystemDirectoryW
GetModuleFileNameW
QueryPerformanceCounter
GetSystemTime
GetVersionExW
GetCurrentProcess
WriteFile
MultiByteToWideChar
GetLastError
MoveFileExW
SetFileAttributesW
Sleep
FindFirstFileW
CloseHandle
CreateFileW
GetDriveTypeW
ExpandEnvironmentStringsW
MoveFileW
WaitForSingleObject
DeleteFileW
RemoveDirectoryW
lstrlenW
FindResourceW
LoadResource
LockResource
SizeofResource
GlobalAddAtomW
TlsAlloc
InterlockedPushEntrySList
VirtualFree
InterlockedPopEntrySList
HeapQueryInformation

user32

ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
CheckMenuItem
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassNameW
GetClassLongPtrW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
GetTopWindow
GetMessageTime
MapWindowPoints
GetKeyState
SetMenu
GetScrollRange
SetScrollPos
GetScrollPos
GetClassInfoW
RegisterClassW
EqualRect
UnregisterClassA
GetMenu
SystemParametersInfoA
GetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
GetNextDlgTabItem
EndDialog
IntersectRect
GetWindowTextLengthW
GetWindowTextW
GetFocus
SetWindowPos
SetFocus
ShowWindow
SetWindowTextW
SendDlgItemMessageW
GetDlgItem
GetWindowDC
GetWindowThreadProcessId
GetLastActivePopup
IsWindowEnabled
UnhookWindowsHookEx
GetMessageW
GetMenuItemID
GetMenuItemCount
IsWindowVisible
GetKeyboardType
EnumDisplayDevicesW
ExitWindowsEx
GetDlgCtrlID
GetWindow
AdjustWindowRectEx
ClientToScreen
EndPaint
BeginPaint
GetMessagePos
GetWindowPlacement
EnumDisplaySettingsW
FindWindowExW
WaitForInputIdle
MessageBoxW
ScreenToClient
DestroyCursor
SetLayeredWindowAttributes
GetWindowLongW
SetWindowLongW
EnableMenuItem
ModifyMenuW
SetActiveWindow
DrawIcon
IsIconic
MoveWindow
FindWindowW
GetIconInfo
FrameRect
CreateWindowExW
GetClassInfoExW
RegisterClassExW
GetDesktopWindow
GetMenuDefaultItem
TrackPopupMenu
SetForegroundWindow
GetCursorPos
LoadImageW
CreateIconIndirect
GetSystemMetrics
LoadMenuW
SetMenuDefaultItem
GetSubMenu
DestroyIcon
RegisterWindowMessageW
CallWindowProcW
DefWindowProcW
GetWindowLongPtrW
SetWindowLongPtrW
MapDialogRect
CharUpperW
WindowFromPoint
DestroyMenu
PostQuitMessage
SetWindowContextHelpId
GetSysColorBrush
UnregisterClassW
CopyAcceleratorTableW
IsRectEmpty
InvalidateRgn
CharNextW
GetAsyncKeyState
IsWindow
SetCapture
ReleaseCapture
GetWindowRect
CopyIcon
GrayStringW
DrawTextExW
TabbedTextOutW
GetNextDlgGroupItem
MessageBeep
PostThreadMessageW
RegisterClipboardFormatW
DrawEdge
UpdateWindow
GetScrollInfo
PtInRect
OffsetRect
SetRectEmpty
GetParent
PostMessageW
ReleaseDC
GetDC
RedrawWindow
DispatchMessageW
TranslateMessage
IsDialogMessageW
PeekMessageW
LoadCursorW
SetCursor
SetWindowRgn
InflateRect
InvalidateRect
DrawTextW
SetRect
DrawFocusRect
GetSysColor
CopyRect
KillTimer
LoadIconW
SetTimer
LoadBitmapW
FillRect
GetClientRect
EnableWindow
SendMessageW
GetMenuState
SetScrollInfo

gdi32

CreateRectRgnIndirect
GetRgnBox
GetCurrentObject
GetTextExtentPointA
GetTextMetricsA
SelectClipRgn
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetTextAlign
GetClipBox
SetMapMode
SetTextColor
GetTextColor
GetTextMetricsW
CreateCompatibleBitmap
BitBlt
SelectObject
CreateDIBSection
DeleteObject
DeleteDC
StretchBlt
GetObjectW
CreateCompatibleDC
CreateSolidBrush
SetTextJustification
SetBkColor
SetBkMode
LineTo
MoveToEx
GetTextAlign
CreateBitmap
FrameRgn
SetViewportOrgEx
GetViewportOrgEx
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetBkColor
DPtoLP
GetViewportExtEx
GetWindowExtEx
GetMapMode
LPtoDP
CreatePen
CreateRoundRectRgn
CreateFontW
Pie
RestoreDC
GetTextExtentPoint32W
SaveDC
GetDeviceCaps
GetCurrentPositionEx
CreateFontIndirectW
GetStockObject
SetStretchBltMode

msimg32

TransparentBlt
AlphaBlend

comdlg32

GetFileTitleW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

OpenThreadToken
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegEnumKeyW
RegEnumValueW
RegQueryValueExW
RegSetKeySecurity
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
AddAce
InitializeAcl
RegGetKeySecurity
GetSidSubAuthority
GetSidSubAuthorityCount
GetSidIdentifierAuthority
CopySid
GetLengthSid
GetUserNameW
RegCloseKey
RegQueryValueW
FreeSid
CheckTokenMembership
AllocateAndInitializeSid
GetTokenInformation
RegDeleteValueW
RegDeleteKeyW
RegOpenKeyW
RegEnumKeyExW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegQueryInfoKeyW

shell32

SHGetFolderPathW
DragAcceptFiles
DragQueryFileW
SHGetSpecialFolderPathW
SHGetMalloc
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetDataFromIDListW
SHEmptyRecycleBinW
ShellExecuteW
Shell_NotifyIconW
ord680
SHGetFileInfoW
ShellExecuteExW

comctl32

InitCommonControlsEx
ord17
ImageList_GetImageCount
ImageList_GetIcon
_TrackMouseEvent

shlwapi

PathFileExistsW
PathIsRelativeW
PathIsRootW
PathFindOnPathW
PathIsDirectoryW
PathFindExtensionW
PathRenameExtensionW
PathRemoveFileSpecW
PathAppendW
PathCompactPathW
SHCreateStreamOnFileW
PathRemoveBlanksW
SHDeleteKeyW
PathStripToRootW
PathIsUNCW
PathFindFileNameW

oledlg

OleUIBusyW

ole32

OleIsCurrentClipboard
CreateILockBytesOnHGlobal
CoUninitialize
CoCreateInstance
CoInitialize
OleFlushClipboard
CoInitializeEx
CLSIDFromProgID
CreateStreamOnHGlobal
CoTaskMemAlloc
OleUninitialize
CoFreeUnusedLibraries
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
CoTaskMemFree
StgCreateDocfileOnILockBytes
OleInitialize
CoRevokeClassObject
CoRegisterMessageFilter

oleaut32

SafeArrayDestroy
SysAllocString
VariantCopy
VariantChangeType
SysStringLen
SysAllocStringLen
VariantClear
VariantInit
OleCreateFontIndirect
OleLoadPicture
VariantTimeToSystemTime
SystemTimeToVariantTime
VarDateFromStr
SysFreeString

ws2_32

WSAStartup
gethostname
gethostbyname
inet_ntoa
WSACleanup

rpcrt4

UuidCreateSequential

netapi32

NetWkstaTransportEnum
NetApiBufferFree

Sections

.text
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 633KB - Virtual size: 633KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 184KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 11.2MB - Virtual size: 11.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

099c0646ea7282d232219f8807883be0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 107KB

.ndata Size: - Virtual size: 32KB

.rsrc Size: 2KB - Virtual size: 2KB

099c0646ea7282d232219f8807883be0

Code Sign

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4bCertificate

Key Usages

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:beCertificate

Extended Key Usages

Key Usages

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bbCertificate

Extended Key Usages

Key Usages

b8:36:bb:5e:bc:9f:be:e7:ac:39:b7:d5:77:d1:ec:85Certificate

Extended Key Usages

Key Usages

d4:7f:21:c7:94:38:5c:7b:30:b3:57:51:29:3a:ea:2f:4a:fe:a8:83Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 107KB

.ndata Size: - Virtual size: 88KB

.rsrc Size: 31KB - Virtual size: 31KB

5e41893d1528e7648e03f81030aca366

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

Exports

Exports

Sections

.text Size: 3KB - Virtual size: 2KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: - Virtual size: 16B

.reloc Size: 512B - Virtual size: 374B

9b6b6a7858e17fb0b17e1c1428330343

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Exports

Exports

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 107KB

.ndata
Size: - Virtual size: 32KB

.rsrc
Size: 2KB - Virtual size: 2KB

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b
Certificate

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bb
Certificate

b8:36:bb:5e:bc:9f:be:e7:ac:39:b7:d5:77:d1:ec:85
Certificate

d4:7f:21:c7:94:38:5c:7b:30:b3:57:51:29:3a:ea:2f:4a:fe:a8:83
Signer

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 107KB

.ndata
Size: - Virtual size: 88KB

.rsrc
Size: 31KB - Virtual size: 31KB

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: - Virtual size: 16B

.reloc
Size: 512B - Virtual size: 374B

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 1024B - Virtual size: 697B

.data
Size: 512B - Virtual size: 3KB

.rsrc
Size: 512B - Virtual size: 352B

.reloc
Size: 512B - Virtual size: 320B

.text
Size: 132KB - Virtual size: 132KB

.rdata
Size: 30KB - Virtual size: 30KB

.data
Size: 8KB - Virtual size: 22KB

.rsrc
Size: 15KB - Virtual size: 14KB

.reloc
Size: 27KB - Virtual size: 26KB

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 1024B - Virtual size: 784B

.data
Size: 512B - Virtual size: 100B

.reloc
Size: 1024B - Virtual size: 520B

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1024B - Virtual size: 572B