Family.Authentication.pdb
Static task
static1
1 signatures
General
-
Target
v.1.7.1_x64__install__.zip
-
Size
48.0MB
-
MD5
61fe2b0d42a68f8ea375f49ffb83ca46
-
SHA1
504c4f63664fd86ea5aa2c38643ae83465664671
-
SHA256
8feaa8b2122348eb7db1fda15736bc286b0f006d0f835daabd2f757215b39742
-
SHA512
2018926305156b87fedb360a98edacef036a6ae7b593b38cf0963ee62366dd0898ea1e07303c1d4caa7d0e9ef532c2a489a8f5ea24949977ebe1b718cc176676
-
SSDEEP
786432:pp+AkxOxAZm7gSDVsYm8l8bYV5wqya9ju+cmQbXLEgizbljPJj2BHEIjYf7GqCd/:pp+AkxOx6mkMspNbawUPlE6NJ4H7Yf7w
Score
3/10
Malware Config
Signatures
-
Unsigned PE 9 IoCs
Checks for missing Authenticode signature.
resource unpack001/FxsTmplA/Family.Authentication.dll unpack001/FxsTmplA/Family.Cache.dll unpack001/FxsTmplA/f3ahvoas.dll unpack001/SSidadm/imapi.dll unpack001/SSidadm/itircl.dll unpack001/SSidadm/mtxclu.dll unpack001/SSidadm/nlhtml.dll unpack001/mfis/RpcNs4.dll unpack001/mfis/hotplug.dll
Files
-
v.1.7.1_x64__install__.zip.zip
-
FxsTmplA/Family.Authentication.dll.dll windows:10 windows x64 arch:x64
045d5fcdf29e1bd670205872ddd84e75
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
Imports
msvcrt
_callnewh
memcmp
__CxxFrameHandler3
realloc
_purecall
free
_XcptFilter
_onexit
malloc
_initterm
__C_specific_handler
memcpy_s
_lock
_unlock
_vsnwprintf
__dllonexit
_amsg_exit
memset
ntdll
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
_wcstoui64
memmove_s
api-ms-win-core-winrt-l1-1-0
RoActivateInstance
RoGetActivationFactory
api-ms-win-core-winrt-string-l1-1-0
WindowsDuplicateString
WindowsDeleteString
HSTRING_UserUnmarshal
HSTRING_UserMarshal64
HSTRING_UserFree
HSTRING_UserSize64
HSTRING_UserFree64
WindowsCreateString
WindowsCreateStringReference
HSTRING_UserUnmarshal64
WindowsGetStringRawBuffer
HSTRING_UserMarshal
HSTRING_UserSize
WindowsIsStringEmpty
WindowsStringHasEmbeddedNull
api-ms-win-core-com-l1-1-0
CreateStreamOnHGlobal
CoCreateInstance
CoTaskMemAlloc
CoGetApartmentType
CoMarshalInterface
CoGetInterfaceAndReleaseStream
CoReleaseMarshalData
CoCreateFreeThreadedMarshaler
api-ms-win-core-com-l1-1-1
RoGetAgileReference
api-ms-win-core-winrt-error-l1-1-0
SetRestrictedErrorInfo
GetRestrictedErrorInfo
RoOriginateErrorW
RoOriginateError
RoTransformError
api-ms-win-core-winrt-error-l1-1-1
IsErrorPropagationEnabled
RoGetMatchingRestrictedErrorInfo
RoReportFailedDelegate
api-ms-win-core-registry-l1-1-0
RegOpenKeyExW
RegCloseKey
RegGetValueW
api-ms-win-shcore-taskpool-l1-1-0
SHTaskPoolAllowThreadReuse
SHTaskPoolQueueTask
advapi32
EventUnregister
EventRegister
EventWriteTransfer
EventActivityIdControl
OpenProcessToken
GetTokenInformation
EventSetInformation
kernel32
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
Sleep
EncodePointer
CreateSemaphoreExW
ReleaseSRWLockShared
CreateMutexExW
GetCurrentProcessId
InitOnceComplete
InitOnceExecuteOnce
InitOnceBeginInitialize
ReleaseSRWLockExclusive
DecodePointer
DisableThreadLibraryCalls
OpenSemaphoreW
WaitForSingleObject
QueryPerformanceCounter
AcquireSRWLockExclusive
WaitForSingleObjectEx
ReleaseMutex
ReleaseSemaphore
CloseHandle
SetLastError
OutputDebugStringW
IsDebuggerPresent
GetLastError
GetProcAddress
GetModuleHandleW
DebugBreak
GetModuleFileNameA
HeapFree
GetProcessHeap
HeapAlloc
GetCurrentThreadId
FormatMessageW
TerminateProcess
GetSystemTimeAsFileTime
GetTickCount
InitializeSRWLock
RaiseException
OpenProcess
AcquireSRWLockShared
GetModuleHandleExW
rpcrt4
CStdStubBuffer_Connect
CStdStubBuffer_IsIIDSupported
NdrStubCall3
IUnknown_QueryInterface_Proxy
CStdStubBuffer_Disconnect
CStdStubBuffer_DebugServerRelease
NdrOleAllocate
CStdStubBuffer_QueryInterface
CStdStubBuffer_CountRefs
IUnknown_Release_Proxy
CStdStubBuffer_AddRef
NdrCStdStubBuffer2_Release
CStdStubBuffer_DebugServerQueryInterface
IUnknown_AddRef_Proxy
NdrStubForwardingFunction
CStdStubBuffer_Invoke
NdrCStdStubBuffer_Release
NdrDllCanUnloadNow
NdrDllGetClassObject
NdrOleFree
api-ms-win-core-com-midlproxystub-l1-1-0
ObjectStublessClient6
NdrProxyForwardingFunction5
NdrProxyForwardingFunction4
CStdStubBuffer2_Connect
NdrProxyForwardingFunction3
CStdStubBuffer2_QueryInterface
ObjectStublessClient7
CStdStubBuffer2_Disconnect
ObjectStublessClient3
CStdStubBuffer2_CountRefs
ObjectStublessClient8
Exports
Exports
DllCanUnloadNow
DllGetActivationFactory
DllGetClassObject
Sections
.text Size: 64KB - Virtual size: 64KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 28KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
FxsTmplA/Family.Cache.dll.dll windows:10 windows x64 arch:x64
5c91ca46803767598306d8004367b675
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
Family.Cache.pdb
Imports
api-ms-win-crt-runtime-l1-1-0
_initterm
_initterm_e
api-ms-win-crt-private-l1-1-0
_o__initialize_narrow_environment
_o__initialize_onexit_table
_o__invalid_parameter_noinfo
_o__invalid_parameter_noinfo_noreturn
_o__purecall
_o__register_onexit_function
_o__seh_filter_dll
_o_free
_o_iswspace
_o_malloc
_o_realloc
_o_terminate
__C_specific_handler
__CxxFrameHandler3
_CxxThrowException
_o__crt_atexit
_o__execute_onexit_table
_o__errno
memmove
_o__cexit
_o__callnewh
_o__configure_narrow_argv
_o___stdio_common_vswprintf
_o___stdio_common_vsnprintf_s
_o___std_type_info_destroy_list
_o___std_exception_destroy
_o___std_exception_copy
__std_terminate
__CxxFrameHandler4
memcmp
memcpy
api-ms-win-crt-string-l1-1-0
memset
ntdll
RtlVirtualUnwind
RtlCaptureContext
RtlLookupFunctionEntry
api-ms-win-core-synch-l1-1-0
WaitForSingleObjectEx
ReleaseMutex
CreateSemaphoreExW
AcquireSRWLockExclusive
AcquireSRWLockShared
WaitForSingleObject
InitializeSRWLock
OpenSemaphoreW
ReleaseSRWLockShared
CreateMutexExW
ReleaseSRWLockExclusive
ReleaseSemaphore
api-ms-win-core-synch-l1-2-0
InitOnceExecuteOnce
InitOnceComplete
InitOnceBeginInitialize
api-ms-win-core-winrt-string-l1-1-0
HSTRING_UserMarshal64
HSTRING_UserFree
HSTRING_UserSize64
HSTRING_UserFree64
HSTRING_UserMarshal
HSTRING_UserUnmarshal
WindowsDuplicateString
WindowsDeleteString
WindowsCreateString
WindowsStringHasEmbeddedNull
WindowsIsStringEmpty
WindowsGetStringRawBuffer
HSTRING_UserSize
HSTRING_UserUnmarshal64
WindowsPromoteStringBuffer
WindowsDeleteStringBuffer
WindowsPreallocateStringBuffer
WindowsCreateStringReference
api-ms-win-core-com-l1-1-0
CoCreateInstance
CoCreateFreeThreadedMarshaler
CoGetCallContext
CoIncrementMTAUsage
CoTaskMemAlloc
api-ms-win-core-registry-l1-1-0
RegOpenKeyExW
RegDeleteTreeW
RegCreateKeyExW
RegGetValueW
RegEnumKeyExW
RegCloseKey
RegSetValueExW
api-ms-win-security-capability-l1-1-0
CapabilityCheck
advapi32
EventSetInformation
DuplicateTokenEx
RegCreateKeyTransactedW
EventActivityIdControl
EventWriteTransfer
EventUnregister
OpenProcessToken
EventRegister
kernel32
InterlockedPushEntrySList
GetCurrentThreadId
HeapFree
MultiByteToWideChar
InterlockedFlushSList
FormatMessageW
RaiseException
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
EncodePointer
GetCurrentProcessId
OutputDebugStringW
DisableThreadLibraryCalls
GetModuleHandleExW
GetModuleFileNameA
DebugBreak
GetProcAddress
GetModuleHandleW
CloseHandle
SetLastError
GetLastError
IsDebuggerPresent
GetProcessHeap
HeapAlloc
DecodePointer
ktmw32
CommitTransaction
CreateTransaction
api-ms-win-core-winrt-error-l1-1-0
RoOriginateError
RoOriginateErrorW
SetRestrictedErrorInfo
RoTransformError
GetRestrictedErrorInfo
rpcrt4
CStdStubBuffer_IsIIDSupported
NdrCStdStubBuffer2_Release
NdrDllGetClassObject
NdrDllCanUnloadNow
CStdStubBuffer_Invoke
NdrStubForwardingFunction
IUnknown_AddRef_Proxy
CStdStubBuffer_DebugServerQueryInterface
NdrOleFree
CStdStubBuffer_AddRef
IUnknown_Release_Proxy
NdrOleAllocate
CStdStubBuffer_DebugServerRelease
NdrStubCall3
IUnknown_QueryInterface_Proxy
api-ms-win-core-com-midlproxystub-l1-1-0
ObjectStublessClient7
CStdStubBuffer2_Disconnect
ObjectStublessClient15
CStdStubBuffer2_QueryInterface
ObjectStublessClient11
ObjectStublessClient14
ObjectStublessClient12
CStdStubBuffer2_Connect
NdrProxyForwardingFunction4
ObjectStublessClient13
NdrProxyForwardingFunction5
ObjectStublessClient6
ObjectStublessClient8
ObjectStublessClient9
ObjectStublessClient17
ObjectStublessClient10
CStdStubBuffer2_CountRefs
NdrProxyForwardingFunction3
ObjectStublessClient16
msvcp_win
?_Xlength_error@std@@YAXPEBD@Z
api-ms-win-core-winrt-l1-1-0
RoGetActivationFactory
oleaut32
SysFreeString
SysStringLen
api-ms-win-core-winrt-error-l1-1-1
RoOriginateLanguageException
Exports
Exports
DllCanUnloadNow
DllGetActivationFactory
DllGetClassObject
Sections
.text Size: 93KB - Virtual size: 92KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 53KB - Virtual size: 52KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
FxsTmplA/f3ahvoas.dll.dll windows:10 windows x64 arch:x64
5fee61a2496e6d30478467592dd1e320
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
f3ahvoas.pdb
Imports
win32u
NtUserCallTwoParam
Exports
Exports
FujitsuOyayubiControl
KbdLayerDescriptor
KbdNlsLayerDescriptor
Sections
.data Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.idata Size: 512B - Virtual size: 106B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 172B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
SSidadm/imapi.dll.dll regsvr32 windows:10 windows x64 arch:x64
9def3e189009b6ddc4ab75d0e8190ac6
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
imapi.pdb
Imports
msvcrt
_CxxThrowException
__RTDynamicCast
memcmp
memcpy
memset
_onexit
__dllonexit
_unlock
_lock
??1type_info@@UEAA@XZ
realloc
_errno
_initterm
_amsg_exit
_XcptFilter
_callnewh
_wremove
_vsnwprintf
wcscat_s
wcscpy_s
wcsstr
wcsncpy_s
malloc
free
_purecall
memcpy_s
__CxxFrameHandler3
__C_specific_handler
wcscmp
ntdll
RtlLookupFunctionEntry
RtlVirtualUnwind
RtlCaptureContext
user32
UnregisterClassA
CharNextW
advapi32
UnregisterTraceGuids
RegisterTraceGuidsW
GetTraceEnableFlags
GetTraceEnableLevel
GetTraceLoggerHandle
RegQueryValueExW
TraceMessage
RegCloseKey
RegQueryInfoKeyW
RegCreateKeyExW
RegEnumKeyExW
RegSetValueExW
RegOpenKeyExW
RegDeleteValueW
ole32
CoTaskMemFree
CoTaskMemAlloc
PropVariantClear
StringFromGUID2
CreateStreamOnHGlobal
CoTaskMemRealloc
CoCreateInstance
oleaut32
LoadRegTypeLi
SafeArrayGetElement
SafeArrayGetUBound
SafeArrayGetLBound
VarBstrCat
SysAllocStringByteLen
SysStringByteLen
GetErrorInfo
DispCallFunc
VariantClear
LoadTypeLi
SafeArrayDestroy
SysAllocStringLen
SysStringLen
SysAllocString
SysFreeString
VarUI4FromStr
SystemTimeToVariantTime
VariantInit
shlwapi
SHCreateStreamOnFileEx
kernel32
GetTempFileNameW
GetVolumeInformationW
CreateMutexW
SetEvent
LocalFree
Sleep
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WakeAllConditionVariable
SleepConditionVariableSRW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
GetTickCount
OutputDebugStringA
ResetEvent
ReleaseMutex
SizeofResource
FileTimeToSystemTime
GlobalFree
GlobalAlloc
GetDateFormatW
InitializeCriticalSectionAndSpinCount
CreateEventW
CloseHandle
DisableThreadLibraryCalls
WaitForSingleObject
LoadLibraryExW
lstrcmpiW
FreeLibrary
GetModuleHandleW
DeleteCriticalSection
GetProcAddress
LoadResource
FindResourceExW
RaiseException
GetLastError
MultiByteToWideChar
InitializeCriticalSection
LeaveCriticalSection
GetModuleFileNameW
EnterCriticalSection
GetTempPathW
LocalAlloc
WideCharToMultiByte
Exports
Exports
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Sections
.text Size: 98KB - Virtual size: 98KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 24KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 5KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 948B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
SSidadm/itircl.dll.dll regsvr32 windows:10 windows x64 arch:x64
380ae0a373c6ac6b63d2802c179548cd
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
itircl.pdb
Imports
msvcrt
memmove
_initterm
_amsg_exit
__CxxFrameHandler3
memcpy
memcmp
_XcptFilter
_callnewh
malloc
_vsnprintf
strncmp
free
_purecall
__C_specific_handler
?terminate@@YAXXZ
memset
kernel32
DeleteFileA
UnmapViewOfFile
VirtualFree
GlobalSize
GetCurrentDirectoryA
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetModuleFileNameA
VirtualProtect
VirtualAlloc
LoadLibraryExA
GetModuleHandleA
MultiByteToWideChar
GetLastError
DisableThreadLibraryCalls
GetSystemInfo
HeapDestroy
WideCharToMultiByte
lstrcmpiA
VirtualQuery
GlobalReAlloc
CompareStringW
GetACP
CompareStringA
GetUserDefaultLCID
GetVersionExA
Sleep
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
GetTickCount
lstrlenA
GetFullPathNameA
LocalLock
LocalAlloc
LocalFree
LocalUnlock
GetProcAddress
GetTempFileNameA
GetTempPathA
OpenFile
SetFilePointer
OutputDebugStringA
WriteFile
ReadFile
MapViewOfFile
GlobalFlags
CreateFileA
CloseHandle
GlobalHandle
CreateFileMappingA
GetFileSize
user32
CharUpperA
CharNextA
LoadStringA
advapi32
RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegEnumKeyExA
RegOpenKeyExA
ole32
ReadClassStm
WriteClassStm
CoTaskMemFree
StringFromCLSID
CoCreateInstance
CoGetClassObject
Exports
Exports
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Sections
.text Size: 157KB - Virtual size: 157KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 25KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 6KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
SSidadm/mtxclu.dll.dll windows:10 windows x64 arch:x64
d21ac5e21e55f5b9ee93d732d6cbb672
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
mtxclu.pdb
Imports
ntdll
RtlFreeHeap
RtlImageNtHeader
RtlAllocateHeap
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCreateServiceSid
RtlReportException
RtlCaptureContext
RtlNtStatusToDosError
RtlInitUnicodeString
api-ms-win-core-registry-l1-1-0
RegSetValueExW
RegFlushKey
RegQueryValueExW
RegCloseKey
RegOpenKeyExW
RegCreateKeyExW
RegCreateKeyExA
RegDeleteValueA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegDeleteValueW
api-ms-win-core-string-l1-1-0
WideCharToMultiByte
CompareStringW
MultiByteToWideChar
api-ms-win-core-com-l1-1-0
CoTaskMemFree
CoTaskMemAlloc
StringFromGUID2
CoCreateInstance
CoGetObjectContext
api-ms-win-service-management-l1-1-0
DeleteService
CreateServiceW
OpenSCManagerW
CloseServiceHandle
OpenServiceW
api-ms-win-security-sddl-l1-1-0
ConvertStringSecurityDescriptorToSecurityDescriptorW
ConvertStringSidToSidW
ConvertSidToStringSidW
rpcrt4
UuidFromStringW
UuidToStringW
RpcStringFreeW
UuidCreate
UuidFromStringA
UuidToStringA
RpcStringFreeA
api-ms-win-core-synch-l1-2-0
Sleep
api-ms-win-core-errorhandling-l1-1-0
SetUnhandledExceptionFilter
GetLastError
SetLastError
UnhandledExceptionFilter
api-ms-win-core-heap-l2-1-0
LocalAlloc
LocalFree
api-ms-win-service-winsvc-l1-1-0
StartServiceA
ControlService
QueryServiceStatus
OpenSCManagerA
api-ms-win-core-file-l1-1-0
RemoveDirectoryW
FindFirstFileW
CreateFileW
FindClose
SetFileAttributesW
GetFullPathNameW
FindNextFileW
DeleteFileW
CreateDirectoryW
GetFileAttributesW
api-ms-win-security-base-l1-1-0
GetSecurityDescriptorControl
GetSecurityDescriptorSacl
MakeSelfRelativeSD
AdjustTokenPrivileges
GetSecurityDescriptorGroup
GetSecurityDescriptorOwner
GetTokenInformation
MakeAbsoluteSD
DuplicateTokenEx
GetSecurityDescriptorLength
GetLengthSid
AddAccessAllowedAceEx
InitializeAcl
InitializeSecurityDescriptor
FreeSid
AddAce
IsWellKnownSid
SetSecurityDescriptorDacl
CopySid
GetAclInformation
GetSidLengthRequired
AllocateAndInitializeSid
EqualSid
GetAce
GetSecurityDescriptorDacl
api-ms-win-service-management-l2-1-0
ChangeServiceConfigW
ChangeServiceConfig2W
QueryServiceStatusEx
QueryServiceConfigW
api-ms-win-service-core-l1-1-1
EnumServicesStatusExW
api-ms-win-core-processenvironment-l1-1-0
ExpandEnvironmentStringsW
GetEnvironmentVariableW
GetCommandLineA
api-ms-win-core-sysinfo-l1-1-0
GetLocalTime
GetComputerNameExW
GetSystemWindowsDirectoryA
GetSystemInfo
GetTickCount
GetSystemDirectoryW
GetSystemTimeAsFileTime
api-ms-win-core-handle-l1-1-0
CloseHandle
api-ms-win-core-libraryloader-l1-2-0
LoadResource
GetModuleFileNameW
DisableThreadLibraryCalls
LoadStringW
LockResource
GetModuleHandleW
LoadLibraryExA
GetProcAddress
GetModuleHandleExA
FindResourceExW
FreeLibrary
LoadLibraryExW
api-ms-win-core-processthreads-l1-1-0
SetThreadStackGuarantee
CreateProcessW
TerminateProcess
TlsFree
GetCurrentProcess
SetThreadToken
GetExitCodeProcess
GetCurrentThreadId
TlsSetValue
OpenThreadToken
GetCurrentThread
OpenProcessToken
GetCurrentProcessId
TlsAlloc
TlsGetValue
api-ms-win-security-lsalookup-l2-1-0
LookupAccountNameW
api-ms-win-core-synch-l1-1-0
ReleaseSemaphore
CreateSemaphoreExW
CreateEventW
DeleteCriticalSection
WaitForSingleObject
CreateEventA
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
ResetEvent
InitializeCriticalSection
WaitForSingleObjectEx
EnterCriticalSection
SetEvent
ws2_32
WSAGetLastError
FreeAddrInfoW
GetAddrInfoW
api-ms-win-core-debug-l1-1-0
DebugBreak
OutputDebugStringW
IsDebuggerPresent
api-ms-win-core-psapi-l1-1-0
QueryFullProcessImageNameW
bcrypt
BCryptGenerateSymmetricKey
BCryptGetProperty
BCryptOpenAlgorithmProvider
BCryptGenRandom
BCryptExportKey
BCryptCloseAlgorithmProvider
BCryptSetProperty
BCryptDestroyKey
api-ms-win-core-string-obsolete-l1-1-0
lstrcmpiW
lstrcmpW
cryptsp
CryptGenKey
CryptReleaseContext
CryptGetUserKey
CryptDecrypt
CryptImportKey
CryptExportKey
CryptDestroyKey
CryptEncrypt
CryptAcquireContextW
CryptSetProvParam
api-ms-win-security-lsapolicy-l1-1-0
LsaClose
advapi32
DeregisterEventSource
LookupPrivilegeValueA
RegEnumKeyA
RegEnumKeyW
RegDeleteKeyA
RegDeleteKeyW
RegisterEventSourceW
ReportEventW
SetNamedSecurityInfoW
GetNamedSecurityInfoW
EnumServicesStatusExA
RegConnectRegistryW
kernel32
UnregisterWaitEx
QueueUserWorkItem
msvcrt
_initterm
_callnewh
malloc
_waccess
_wfopen
strchr
fopen
fflush
fclose
fprintf
fwprintf
_vsnprintf
wcsrchr
mbstowcs
_purecall
_stricmp
_wcsnicmp
wcstombs
_ltoa
_ltow
atol
_wtol
iswalpha
??0exception@@QEAA@AEBQEBD@Z
??0exception@@QEAA@AEBQEBDH@Z
??0exception@@QEAA@AEBV0@@Z
??1exception@@UEAA@XZ
?what@exception@@UEBAPEBDXZ
_CxxThrowException
memcpy
memmove
_XcptFilter
_amsg_exit
wcscpy_s
??1type_info@@UEAA@XZ
_wcsicmp
_onexit
_ultow
_local_unwind
memcmp
memset
__dllonexit
__CxxFrameHandler3
_vsnwprintf
_unlock
_lock
_wcsdup
?terminate@@YAXXZ
wcschr
__C_specific_handler
free
wcscmp
clusapi
ClusterResourceTypeEnum
GetClusterResourceKey
CloseCluster
CloseClusterResource
ClusterRegOpenKey
GetClusterResourceNetworkName
ClusterRegCloseKey
GetClusterResourceState
ClusterRegDeleteValue
OpenClusterResourceEx
ClusterRegEnumKey
ClusterRegQueryValue
OfflineClusterResource
ClusterRegSetValue
ClusterRegCreateKey
ClusterRegDeleteKey
ClusterGroupEnum
ClusterControl
OpenClusterGroupEx
OnlineClusterResource
ClusterResourceControl
ClusterResourceTypeControl
ClusterRegQueryInfoKey
ClusterResourceTypeGetEnumCount
GetClusterKey
ClusterGroupOpenEnum
ClusterRegEnumValue
ClusterResourceTypeOpenEnum
CloseClusterGroup
ClusterResourceTypeCloseEnum
OpenClusterEx
CreateClusterNotifyPort
GetClusterNotify
GetClusterResourceTypeKey
ClusterGroupCloseEnum
ClusterGetEnumCount
GetNodeClusterState
ClusterOpenEnum
ClusterEnum
ClusterCloseEnum
resutils
ResUtilEnumResourcesEx
ResUtilGetResourceDependencyByName
ResUtilPropertyListFromParameterBlock
ResUtilSetPropertyTable
ResUtilGetProperties
ResUtilGetResourceDependencyByClass
ResUtilDupParameterBlock
ResUtilSetPropertyParameterBlock
ClusWorkerTerminate
ResUtilVerifyPropertyTable
ResUtilEnumProperties
ResUtilFindSzProperty
ResUtilTerminateServiceProcessFromResDll
ClusWorkerCheckTerminate
ResUtilFindBinaryProperty
ResUtilGetPropertiesToParameterBlock
ClusWorkerCreate
msdtcprx
CreateLegacyTmInstance
CreateTmInstanceForRemoteAdmin
CreateLocalTmInstance
CreateRemoteProxyTmInstance
api-ms-win-core-profile-l1-1-0
QueryPerformanceCounter
api-ms-win-core-version-l1-1-0
VerQueryValueW
api-ms-win-core-localization-l1-2-0
FormatMessageW
api-ms-win-core-memory-l1-1-0
VirtualAlloc
VirtualQuery
VirtualProtect
Exports
Exports
FailedClusterAPIToEventLog
MtxCluBringOnlineDTCW
MtxCluClearClusterTmMappings
MtxCluCreateClusterProxyTmInstance
MtxCluCreateClusterTmInstance
MtxCluCreateTmInstanceForVirtualServer
MtxCluEnumerateClusterTmMappings
MtxCluEnumerateDtcResources
MtxCluEnumerateDtcResourcesEx
MtxCluGetActiveClusterNode
MtxCluGetClusterResourceIdFromName
MtxCluGetComputerNameW
MtxCluGetDTCResourceForResource
MtxCluGetDTCStatusW
MtxCluGetDTCVirtualServerNameW
MtxCluGetDefaultClusterResource
MtxCluGetDefaultClusterResourceNonAdmin
MtxCluGetDtcDiskResourceDrive
MtxCluGetNameFromResourceIdString
MtxCluGetNameFromResourceIdStringNonAdmin
MtxCluGetResourceId
MtxCluGetResourceIdStringFromName
MtxCluGetSecurityRegValue
MtxCluGetTmResource
MtxCluGetVirtualServerToken
MtxCluIsClusterPresent
MtxCluIsClusterPresentExW
MtxCluIsNetworkNameInLocalClusterW
MtxCluIsSameClusterW
MtxCluIsSameNodeW
MtxCluRemoveClusterTmMappingByName
MtxCluSetClusterTmMapping
MtxCluSetDefaultClusterResource
MtxCluSetSecurityRegValue
MtxCluTakeOfflineDTCW
MtxCluVerifyLogPathInDependantDiskResource
MtxCluVerifyLogPathIsValidCSV
Startup
Sections
.text Size: 201KB - Virtual size: 200KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 210KB - Virtual size: 209KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
SSidadm/nlhtml.dll.dll regsvr32 windows:10 windows x64 arch:x64
c8e3f082cd2a7e37deae3dec52d0a7da
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
nlhtml.pdb
Imports
msvcrt
wcsncmp
_wtoi
wcsrchr
_XcptFilter
_amsg_exit
_initterm
__C_specific_handler
_lock
_unlock
__dllonexit
_onexit
malloc
?terminate@@YAXXZ
??1type_info@@UEAA@XZ
memset
iswalpha
_wcsupr
memmove
memcpy
_wtol
_CxxThrowException
iswdigit
wcschr
_wcsicmp
towupper
wcstoul
bsearch
_wcsnicmp
_purecall
free
_vsnprintf_s
??0exception@@QEAA@AEBV0@@Z
_wcslwr_s
iswspace
??0exception@@QEAA@XZ
realloc
??1exception@@UEAA@XZ
memcpy_s
_vsnwprintf
__CxxFrameHandler3
wcscmp
api-ms-win-core-libraryloader-l1-2-0
LoadStringW
FindResourceExW
LoadResource
GetProcAddress
LoadLibraryExW
GetModuleHandleW
GetModuleFileNameA
DisableThreadLibraryCalls
GetModuleHandleExW
FreeLibrary
api-ms-win-core-synch-l1-1-0
CreateMutexExW
AcquireSRWLockExclusive
WaitForSingleObjectEx
ReleaseMutex
WaitForSingleObject
OpenSemaphoreW
ReleaseSRWLockExclusive
ReleaseSemaphore
CreateSemaphoreExW
api-ms-win-core-heap-l1-1-0
HeapFree
HeapAlloc
GetProcessHeap
api-ms-win-core-errorhandling-l1-1-0
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetLastError
SetLastError
api-ms-win-core-heap-l2-1-0
GlobalFree
GlobalAlloc
api-ms-win-core-processthreads-l1-1-0
GetCurrentProcessId
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
api-ms-win-core-localization-l1-2-0
GetLocaleInfoW
GetSystemDefaultLCID
IsDBCSLeadByteEx
GetCPInfo
IsValidCodePage
FormatMessageW
api-ms-win-core-debug-l1-1-0
DebugBreak
OutputDebugStringW
IsDebuggerPresent
api-ms-win-core-handle-l1-1-0
CloseHandle
api-ms-win-core-string-l1-1-0
MultiByteToWideChar
CompareStringW
GetStringTypeW
WideCharToMultiByte
api-ms-win-core-com-l1-1-0
CoTaskMemFree
CoCreateInstance
CoTaskMemAlloc
oleaut32
SysAllocStringLen
SysFreeString
SysAllocString
VarR8FromStr
api-ms-win-core-localization-l1-2-2
LCIDToLocaleName
api-ms-win-core-string-obsolete-l1-1-0
lstrcmpiW
api-ms-win-core-registry-l1-1-0
RegOpenKeyExW
RegCloseKey
RegEnumKeyExW
RegQueryValueExW
RegDeleteValueW
RegSetValueExW
RegCreateKeyExW
api-ms-win-core-sysinfo-l1-1-0
GetTickCount
GetVersionExW
GetSystemTime
GetSystemTimeAsFileTime
GetVersionExA
api-ms-win-core-memory-l1-1-0
CreateFileMappingW
FlushViewOfFile
UnmapViewOfFile
MapViewOfFile
api-ms-win-core-file-l1-1-0
SetEndOfFile
CreateFileW
GetFileSize
SetFilePointer
api-ms-win-core-timezone-l1-1-0
SystemTimeToFileTime
api-ms-win-core-synch-l1-2-0
Sleep
WakeAllConditionVariable
SleepConditionVariableSRW
api-ms-win-core-rtlsupport-l1-1-0
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
api-ms-win-core-profile-l1-1-0
QueryPerformanceCounter
api-ms-win-core-libraryloader-l1-2-1
LoadLibraryW
api-ms-win-core-processenvironment-l1-1-0
SearchPathW
api-ms-win-core-localization-obsolete-l1-2-0
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
api-ms-win-core-delayload-l1-1-1
ResolveDelayLoadedAPI
api-ms-win-core-delayload-l1-1-0
DelayLoadFailureHook
Exports
Exports
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Sections
.text Size: 95KB - Virtual size: 94KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 80KB - Virtual size: 79KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.didat Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
mfis/RpcNs4.dll.dll windows:10 windows x64 arch:x64
e06944c518403f775c9c3d3b5156ca77
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
RpcNs4.pdb
Imports
ntdll
RtlIntegerToUnicodeString
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
DbgPrint
WinSqmIncrementDWORD
WinSqmIsOptedIn
DbgPrintEx
advapi32
DeregisterEventSource
ReportEventW
RegisterEventSourceW
kernel32
TerminateProcess
GetTickCount
GetSystemTimeAsFileTime
GetCurrentThreadId
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
GetCommandLineW
GetLastError
GetCurrentProcessId
QueryPerformanceCounter
Exports
Exports
I_RpcNsGetBuffer
I_RpcNsNegotiateTransferSyntax
I_RpcNsRaiseException
I_RpcNsSendReceive
I_RpcReBindBuffer
RpcIfIdVectorFree
RpcNsBindingExportA
RpcNsBindingExportPnPA
RpcNsBindingExportPnPW
RpcNsBindingExportW
RpcNsBindingImportBeginA
RpcNsBindingImportBeginW
RpcNsBindingImportDone
RpcNsBindingImportNext
RpcNsBindingLookupBeginA
RpcNsBindingLookupBeginW
RpcNsBindingLookupDone
RpcNsBindingLookupNext
RpcNsBindingSelect
RpcNsBindingUnexportA
RpcNsBindingUnexportPnPA
RpcNsBindingUnexportPnPW
RpcNsBindingUnexportW
RpcNsEntryExpandNameA
RpcNsEntryExpandNameW
RpcNsEntryObjectInqBeginA
RpcNsEntryObjectInqBeginW
RpcNsEntryObjectInqDone
RpcNsEntryObjectInqNext
RpcNsGroupDeleteA
RpcNsGroupDeleteW
RpcNsGroupMbrAddA
RpcNsGroupMbrAddW
RpcNsGroupMbrInqBeginA
RpcNsGroupMbrInqBeginW
RpcNsGroupMbrInqDone
RpcNsGroupMbrInqNextA
RpcNsGroupMbrInqNextW
RpcNsGroupMbrRemoveA
RpcNsGroupMbrRemoveW
RpcNsMgmtBindingUnexportA
RpcNsMgmtBindingUnexportW
RpcNsMgmtEntryCreateA
RpcNsMgmtEntryCreateW
RpcNsMgmtEntryDeleteA
RpcNsMgmtEntryDeleteW
RpcNsMgmtEntryInqIfIdsA
RpcNsMgmtEntryInqIfIdsW
RpcNsMgmtHandleSetExpAge
RpcNsMgmtInqExpAge
RpcNsMgmtSetExpAge
RpcNsProfileDeleteA
RpcNsProfileDeleteW
RpcNsProfileEltAddA
RpcNsProfileEltAddW
RpcNsProfileEltInqBeginA
RpcNsProfileEltInqBeginW
RpcNsProfileEltInqDone
RpcNsProfileEltInqNextA
RpcNsProfileEltInqNextW
RpcNsProfileEltRemoveA
RpcNsProfileEltRemoveW
Sections
.text Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 512B - Virtual size: 144B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 24B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
mfis/hotplug.dll.dll windows:10 windows x64 arch:x64
3341bc2ede2baeeaf8f8cfa9cad95970
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
HOTPLUG.pdb
Imports
msvcrt
??1type_info@@UEAA@XZ
__CxxFrameHandler3
_initterm
_amsg_exit
_XcptFilter
_CxxThrowException
__C_specific_handler
??1exception@@UEAA@XZ
??0exception@@QEAA@AEBV0@@Z
??0exception@@QEAA@AEBQEBDH@Z
malloc
free
wcschr
_callnewh
_vsnwprintf
?what@exception@@UEBAPEBDXZ
memset
ntdll
NtClose
NtOpenThreadToken
NtOpenProcessToken
NtQueryInformationToken
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
kernel32
GetLastError
GetModuleHandleW
lstrcmpiW
WaitNamedPipeW
GetModuleHandleExW
FreeLibraryAndExitThread
GetExitCodeThread
Sleep
CreateThread
UnhandledExceptionFilter
SetUnhandledExceptionFilter
FormatMessageW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
GetTickCount
GetVolumeNameForVolumeMountPointW
LoadLibraryW
lstrcmpW
LocalFree
LocalAlloc
ReadFile
GetProcAddress
CreateFileW
GetCurrentProcess
CloseHandle
DisableThreadLibraryCalls
ResolveDelayLoadedAPI
SetEvent
CreateEventW
WaitForSingleObject
TerminateProcess
FreeLibrary
DelayLoadFailureHook
OpenEventW
advapi32
RegQueryValueExW
OpenSCManagerW
CloseServiceHandle
RegSetValueExW
RegCloseKey
GetTokenInformation
GetServiceDisplayNameW
RegCreateKeyW
LookupPrivilegeValueW
OpenProcessToken
user32
GetClassInfoW
ShowWindow
GetWindowLongPtrW
EndDialog
ScreenToClient
CreateWindowExW
SetWindowLongPtrW
DestroyWindow
PostMessageW
GetMessagePos
DefWindowProcW
SetProcessDPIAware
FindWindowW
TranslateMessage
PeekMessageW
IsWindow
MsgWaitForMultipleObjects
GetMessageW
ReleaseDC
InvalidateRect
LoadImageW
GetProcessDefaultLayout
GetDC
GetWindow
PostQuitMessage
IsDialogMessageW
MessageBoxW
GetParent
DialogBoxParamW
EnableWindow
LoadStringW
SendMessageW
GetSystemMetrics
CheckDlgButton
SetDlgItemTextW
RegisterClassW
GetSysColor
IsDlgButtonChecked
LoadIconW
LoadCursorW
SetCursor
GetDlgItem
DispatchMessageW
KillTimer
DestroyIcon
SetTimer
gdi32
GetDeviceCaps
comctl32
ImageList_Destroy
ImageList_SetBkColor
ImageList_ReplaceIcon
ImageList_Remove
ImageList_GetImageCount
ImageList_SetOverlayImage
ImageList_Create
cfgmgr32
CM_Locate_DevNodeW
CM_Request_Device_Eject_ExW
CM_Is_Dock_Station_Present
CM_Get_Parent_Ex
CM_Get_Device_Interface_List_SizeW
CM_Get_DevNode_Registry_PropertyW
CM_Get_DevNode_Registry_Property_ExW
CM_Get_DevNode_Status_Ex
CM_Get_Device_ID_List_ExW
CM_Get_Device_ID_List_Size_ExW
CM_Get_Device_ID_ExW
CM_Locate_DevNode_ExW
CM_Get_Child_Ex
CM_Open_DevNode_Key_Ex
CM_Get_Sibling_Ex
CM_Get_Device_Interface_ListW
setupapi
SetupDiDestroyDeviceInfoList
SetupDiCreateDeviceInfoList
SetupDiLoadDeviceIcon
SetupDiOpenDeviceInfoW
pSetupGuidFromString
shell32
ShellExecuteExW
ShellExecuteW
Shell_NotifyIconW
shlwapi
StrChrW
ord219
api-ms-win-core-com-l1-1-0
CoCreateInstance
CoUninitialize
CoInitializeEx
Exports
Exports
CPlApplet
DllGetClassObject
HotPlugChildWithInvalidIdW
HotPlugDriverBlockedW
HotPlugEjectDevice
HotPlugEjectDeviceEx
HotPlugEjectVetoedW
HotPlugHibernateVetoedW
HotPlugRemovalVetoedW
HotPlugSafeRemovalDriveNotificationW
HotPlugSafeRemovalNotificationW
HotPlugStandbyVetoedW
HotPlugWarmEjectVetoedW
Sections
.text Size: 30KB - Virtual size: 30KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 11KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.didat Size: 512B - Virtual size: 72B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 45KB - Virtual size: 45KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 100B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
v.1.7.1__x64__app.msi.msi