xred | a2d3d6430f6775951cf988d960cfae4093d7a1e4d0f684ddfffaf4599ace9a71

Resubmissions

11-11-2024 03:14

241111-dreswavmgp 10

Sharing

Copy URL

Twitter E-mail

General

Target

a2d3d6430f6775951cf988d960cfae4093d7a1e4d0f684ddfffaf4599ace9a71
Size

125.6MB
MD5

4f662505b8b99848b4a76d8370f54b85
SHA1

855c7461bbc84a54a30ec63be4b8343fca64b20b
SHA256

a2d3d6430f6775951cf988d960cfae4093d7a1e4d0f684ddfffaf4599ace9a71
SHA512

1a5310b7c0b4a946c3f00b09eb2a822b4d0261dce0939b645ac494b32e59fe601eb9305a392a6243be840af7b576dcac4386c95213bfa610d93b4a83abe22fc2
SSDEEP

3145728:UEVDbfmohyN+c38NljFXjmnIqfyyCHOU9ZJrMBn2v:hD5c9OzOIqKVLv

Score

10^/10

upx xred

Malware Config

Extracted

Family

xred

xred.mooo.com

Attributes

email
[email protected]
payload_url
http://freedns.afraid.org/api/?action=getdyndns&sha=a30fa98efc092684e8d1c5cff797bcc613562978

https://docs.google.com/uc?id=0BxsMXGfPIZfSVlVsOGlEVGxuZVk&export=download

https://www.dropbox.com/s/n1w4p8gc6jzo0sg/SUpdate.ini?dl=1

http://xred.site50.net/syn/SUpdate.ini

https://docs.google.com/uc?id=0BxsMXGfPIZfSVzUyaHFYVkQxeFk&export=download

https://www.dropbox.com/s/zhp1b06imehwylq/Synaptics.rar?dl=1

http://xred.site50.net/syn/Synaptics.rar

https://docs.google.com/uc?id=0BxsMXGfPIZfSTmlVYkxhSDg5TzQ&export=download

https://www.dropbox.com/s/fzj752whr3ontsm/SSLLibrary.dll?dl=1

http://xred.site50.net/syn/SSLLibrary.dll

Signatures

Xred family
xred

AutoIT Executable 2 IoCs

AutoIT scripts compiled to PE executables.

Processes:

resource	yara_rule
static1/unpack001/LtHv0O2KZDK4M637.bin	autoit_exe
static1/unpack001/update.bin	autoit_exe

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

Processes:

resource	yara_rule
static1/unpack001/good.bin	upx

Unsigned PE 34 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack002/1.bin
unpack003/VPN/VyprVPN.exe
unpack004/$1/1337/VyprVPN.exe
unpack004/$1/1337/joinResult.exe
unpack005/$1/1337/1111.exe
unpack005/$1/1337/Clipper.exe
unpack005/$PLUGINSDIR/System.dll
unpack004/$PLUGINSDIR/System.dll
unpack003/VPN/xNet.dll
unpack001/2019-09-02_22-41-10.bin
unpack001/31.bin
unpack001/3DMark 11 Advanced Edition.bin
unpack001/Archive.zip__ccacaxs2tbz2t6ob3e.bin
unpack006/WSHSetup[1].bin
unpack001/DiskInternals_Uneraser_v5_keygen.bin
unpack001/ForceOp 2.8.7 - By RaiSence.bin
unpack001/HYDRA.bin
unpack007/#/power.exe
unpack007/#/sant.exe
unpack007/#/ufx.exe
unpack007/#/va.exe
unpack001/Keygen.bin
unpack001/LtHv0O2KZDK4M637.bin
unpack001/Remouse.Micro.Micro.v3.5.3.serial.maker.by.aaocg.bin
unpack001/Treasure.Vault.3D.Screensaver.keygen.by.Paradox.bin
unpack001/VyprVPN.exe
unpack009/$1/1337/VyprVPN.exe
unpack009/$1/1337/joinResult.exe
unpack009/$PLUGINSDIR/System.dll
unpack001/WSHSetup[1].bin
unpack001/good.bin
unpack001/infected dot net installer.bin
unpack001/update.bin
unpack001/xNet.dll

NSIS installer 10 IoCs

installer

Processes:

resource	yara_rule
static1/unpack003/VPN/VyprVPN.exe	nsis_installer_1
static1/unpack003/VPN/VyprVPN.exe	nsis_installer_2
static1/unpack004/$1/1337/joinResult.exe	nsis_installer_1
static1/unpack004/$1/1337/joinResult.exe	nsis_installer_2
static1/unpack001/HYDRA.bin	nsis_installer_1
static1/unpack001/HYDRA.bin	nsis_installer_2
static1/unpack001/VyprVPN.exe	nsis_installer_1
static1/unpack001/VyprVPN.exe	nsis_installer_2
static1/unpack009/$1/1337/joinResult.exe	nsis_installer_1
static1/unpack009/$1/1337/joinResult.exe	nsis_installer_2

Files

a2d3d6430f6775951cf988d960cfae4093d7a1e4d0f684ddfffaf4599ace9a71
.rar
1.bin.zip
.zip

Password: infected
1.bin
.exe windows:4 windows x86 arch:x86

5877688b4859ffd051f6be3b8e0cd533

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset
wcsncmp
memmove
wcsncpy
wcsstr
_wcsnicmp
_wcsdup
free
_wcsicmp
wcslen
wcscpy
wcscmp
memcpy
tolower
wcscat
malloc

kernel32

GetModuleHandleW
HeapCreate
GetStdHandle
HeapDestroy
ExitProcess
WriteFile
GetTempFileNameW
LoadLibraryExW
EnumResourceTypesW
FreeLibrary
RemoveDirectoryW
GetExitCodeProcess
EnumResourceNamesW
GetCommandLineW
LoadResource
SizeofResource
FreeResource
FindResourceW
GetNativeSystemInfo
GetShortPathNameW
GetWindowsDirectoryW
GetSystemDirectoryW
EnterCriticalSection
CloseHandle
LeaveCriticalSection
InitializeCriticalSection
WaitForSingleObject
TerminateThread
CreateThread
Sleep
GetProcAddress
GetVersionExW
WideCharToMultiByte
HeapAlloc
HeapFree
LoadLibraryW
GetCurrentProcessId
GetCurrentThreadId
GetModuleFileNameW
GetEnvironmentVariableW
SetEnvironmentVariableW
GetCurrentProcess
TerminateProcess
SetUnhandledExceptionFilter
HeapSize
MultiByteToWideChar
CreateDirectoryW
SetFileAttributesW
GetTempPathW
DeleteFileW
GetCurrentDirectoryW
SetCurrentDirectoryW
CreateFileW
SetFilePointer
TlsFree
TlsGetValue
TlsSetValue
TlsAlloc
HeapReAlloc
DeleteCriticalSection
InterlockedCompareExchange
InterlockedExchange
GetLastError
SetLastError
UnregisterWait
GetCurrentThread
DuplicateHandle
RegisterWaitForSingleObject

user32

CharUpperW
CharLowerW
MessageBoxW
DefWindowProcW
DestroyWindow
GetWindowLongW
GetWindowTextLengthW
GetWindowTextW
UnregisterClassW
LoadIconW
LoadCursorW
RegisterClassExW
IsWindowEnabled
EnableWindow
GetSystemMetrics
CreateWindowExW
SetWindowLongW
SendMessageW
SetFocus
CreateAcceleratorTableW
SetForegroundWindow
BringWindowToTop
GetMessageW
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
DestroyAcceleratorTable
PostMessageW
GetForegroundWindow
GetWindowThreadProcessId
IsWindowVisible
EnumWindows
SetWindowPos

gdi32

GetStockObject

comctl32

InitCommonControlsEx

shell32

ShellExecuteExW
SHGetFolderLocation
SHGetPathFromIDListW

winmm

timeBeginPeriod

ole32

CoInitialize
CoTaskMemFree

shlwapi

PathAddBackslashW
PathRenameExtensionW
PathQuoteSpacesW
PathRemoveArgsW
PathRemoveBackslashW

Sections

.code
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12.4MB - Virtual size: 12.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
1.rar
.rar
VPN/VyprVPN.exe
.exe windows:4 windows x86 arch:x86

4f67aeda01a0484282e8c59006b0b352

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CopyFileA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
ReadFile
GetFileAttributesA
SetFileAttributesA
ExitProcess
SetEnvironmentVariableA
GetWindowsDirectoryA
GetTempPathA
GetCommandLineA
lstrlenA
GetVersion
GetCurrentProcess
GetFullPathNameA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
GetLastError
CreateDirectoryA
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
WriteFile
lstrcpyA
MoveFileExA
lstrcatA
GetSystemDirectoryA
GetProcAddress
CloseHandle
SetCurrentDirectoryA
MoveFileA
CompareFileTime
GetShortPathNameA
SearchPathA
lstrcmpiA
SetFileTime
lstrcmpA
ExpandEnvironmentStringsA
lstrcpynA
SetErrorMode
GlobalFree
FindFirstFileA
FindNextFileA
DeleteFileA
SetFilePointer
GetPrivateProfileStringA
FindClose
MultiByteToWideChar
FreeLibrary
MulDiv
WritePrivateProfileStringA
LoadLibraryExA
GetModuleHandleA
GetExitCodeProcess
WaitForSingleObject
GlobalAlloc

user32

ScreenToClient
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
PostQuitMessage
GetWindowRect
EnableMenuItem
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
ReleaseDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndDialog
RegisterClassA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
ExitWindowsEx
GetDC
CreateDialogParamA
SetTimer
GetDlgItem
SetWindowLongA
SetForegroundWindow
LoadImageA
IsWindow
SendMessageTimeoutA
FindWindowExA
OpenClipboard
TrackPopupMenu
AppendMenuA
EndPaint
DestroyWindow
wsprintfA
ShowWindow
SetWindowTextA

gdi32

SelectObject
SetBkMode
CreateFontIndirectA
SetTextColor
DeleteObject
GetDeviceCaps
CreateBrushIndirect
SetBkColor

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA

advapi32

RegDeleteKeyA
SetFileSecurityA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyExA
RegEnumValueA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegEnumKeyA

comctl32

ImageList_Create
ImageList_AddMasked
ImageList_Destroy
ord17

ole32

OleUninitialize
OleInitialize
CoTaskMemFree
CoCreateInstance

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$1/1337/VyprVPN.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\root\source\repos\Project\Project\obj\Release\VyprVPN.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$1/1337/joinResult.exe
.exe windows:4 windows x86 arch:x86

4f67aeda01a0484282e8c59006b0b352

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CopyFileA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
ReadFile
GetFileAttributesA
SetFileAttributesA
ExitProcess
SetEnvironmentVariableA
GetWindowsDirectoryA
GetTempPathA
GetCommandLineA
lstrlenA
GetVersion
GetCurrentProcess
GetFullPathNameA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
GetLastError
CreateDirectoryA
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
WriteFile
lstrcpyA
MoveFileExA
lstrcatA
GetSystemDirectoryA
GetProcAddress
CloseHandle
SetCurrentDirectoryA
MoveFileA
CompareFileTime
GetShortPathNameA
SearchPathA
lstrcmpiA
SetFileTime
lstrcmpA
ExpandEnvironmentStringsA
lstrcpynA
SetErrorMode
GlobalFree
FindFirstFileA
FindNextFileA
DeleteFileA
SetFilePointer
GetPrivateProfileStringA
FindClose
MultiByteToWideChar
FreeLibrary
MulDiv
WritePrivateProfileStringA
LoadLibraryExA
GetModuleHandleA
GetExitCodeProcess
WaitForSingleObject
GlobalAlloc

user32

ScreenToClient
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
PostQuitMessage
GetWindowRect
EnableMenuItem
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
ReleaseDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndDialog
RegisterClassA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
ExitWindowsEx
GetDC
CreateDialogParamA
SetTimer
GetDlgItem
SetWindowLongA
SetForegroundWindow
LoadImageA
IsWindow
SendMessageTimeoutA
FindWindowExA
OpenClipboard
TrackPopupMenu
AppendMenuA
EndPaint
DestroyWindow
wsprintfA
ShowWindow
SetWindowTextA

gdi32

SelectObject
SetBkMode
CreateFontIndirectA
SetTextColor
DeleteObject
GetDeviceCaps
CreateBrushIndirect
SetBkColor

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA

advapi32

RegDeleteKeyA
SetFileSecurityA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyExA
RegEnumValueA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegEnumKeyA

comctl32

ImageList_Create
ImageList_AddMasked
ImageList_Destroy
ord17

ole32

OleUninitialize
OleInitialize
CoTaskMemFree
CoCreateInstance

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 364KB - Virtual size: 363KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$1/1337/1111.exe
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 246KB - Virtual size: 428KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 31KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 1KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 5KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 17KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 174KB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 932KB - Virtual size: 936KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
$1/1337/Clipper.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

8c8a576201f68de1a3f26fc723b9f30f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

MultiByteToWideChar
GlobalFree
GlobalSize
lstrcpynA
lstrcpyA
GetProcAddress
VirtualFree
FreeLibrary
lstrlenA
LoadLibraryA
GetModuleHandleA
GlobalAlloc
WideCharToMultiByte
VirtualAlloc
VirtualProtect
GetLastError

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 851B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 608B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

8c8a576201f68de1a3f26fc723b9f30f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

MultiByteToWideChar
GlobalFree
GlobalSize
lstrcpynA
lstrcpyA
GetProcAddress
VirtualFree
FreeLibrary
lstrlenA
LoadLibraryA
GetModuleHandleA
GlobalAlloc
WideCharToMultiByte
VirtualAlloc
VirtualProtect
GetLastError

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 851B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 608B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
VPN/xNet.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\User\Documents\Visual Studio 2015\Projects\xNet\obj\Release\xNet.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1012B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
2019-09-02_22-41-10.bin
.exe windows:5 windows x86 arch:x86

0b940f4d2992021389a241ab8513fc6b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\huzufawapijoh_fabujavonud39_mihugimosomofexepag-vatipado.pdb

Imports

kernel32

DuplicateHandle
lstrcatA
ExitThread
GetModuleHandleA
GetLastError
CloseHandle
LocalAlloc
GetProcAddress
WTSGetActiveConsoleSessionId
GlobalFix
GetTickCount
GetCurrencyFormatA
LocalShrink
lstrlenA
PeekConsoleInputW
GetHandleInformation
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
EncodePointer
RaiseException
SetLastError
RtlUnwind
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
GetStdHandle
WriteFile
GetModuleFileNameW
MultiByteToWideChar
WideCharToMultiByte
ExitProcess
GetModuleHandleExW
GetACP
HeapFree
HeapAlloc
LCMapStringW
GetFileType
FlushFileBuffers
GetConsoleCP
GetConsoleMode
ReadFile
SetFilePointerEx
GetStringTypeW
ReadConsoleW
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
GetProcessHeap
DecodePointer
CreateFileW
WriteConsoleW
HeapSize
HeapReAlloc
SetEndOfFile

advapi32

CreateProcessAsUserA
AdjustTokenPrivileges

Sections

.text
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
31.bin
.exe windows:4 windows x86 arch:x86

5877688b4859ffd051f6be3b8e0cd533

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset
wcsncmp
memmove
wcsncpy
wcsstr
_wcsnicmp
_wcsdup
free
_wcsicmp
wcslen
wcscpy
wcscmp
memcpy
tolower
wcscat
malloc

kernel32

GetModuleHandleW
HeapCreate
GetStdHandle
HeapDestroy
ExitProcess
WriteFile
GetTempFileNameW
LoadLibraryExW
EnumResourceTypesW
FreeLibrary
RemoveDirectoryW
GetExitCodeProcess
EnumResourceNamesW
GetCommandLineW
LoadResource
SizeofResource
FreeResource
FindResourceW
GetNativeSystemInfo
GetShortPathNameW
GetWindowsDirectoryW
GetSystemDirectoryW
EnterCriticalSection
CloseHandle
LeaveCriticalSection
InitializeCriticalSection
WaitForSingleObject
TerminateThread
CreateThread
Sleep
GetProcAddress
GetVersionExW
WideCharToMultiByte
HeapAlloc
HeapFree
LoadLibraryW
GetCurrentProcessId
GetCurrentThreadId
GetModuleFileNameW
GetEnvironmentVariableW
SetEnvironmentVariableW
GetCurrentProcess
TerminateProcess
SetUnhandledExceptionFilter
HeapSize
MultiByteToWideChar
CreateDirectoryW
SetFileAttributesW
GetTempPathW
DeleteFileW
GetCurrentDirectoryW
SetCurrentDirectoryW
CreateFileW
SetFilePointer
TlsFree
TlsGetValue
TlsSetValue
TlsAlloc
HeapReAlloc
DeleteCriticalSection
InterlockedCompareExchange
InterlockedExchange
GetLastError
SetLastError
UnregisterWait
GetCurrentThread
DuplicateHandle
RegisterWaitForSingleObject

user32

CharUpperW
CharLowerW
MessageBoxW
DefWindowProcW
DestroyWindow
GetWindowLongW
GetWindowTextLengthW
GetWindowTextW
UnregisterClassW
LoadIconW
LoadCursorW
RegisterClassExW
IsWindowEnabled
EnableWindow
GetSystemMetrics
CreateWindowExW
SetWindowLongW
SendMessageW
SetFocus
CreateAcceleratorTableW
SetForegroundWindow
BringWindowToTop
GetMessageW
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
DestroyAcceleratorTable
PostMessageW
GetForegroundWindow
GetWindowThreadProcessId
IsWindowVisible
EnumWindows
SetWindowPos

gdi32

GetStockObject

comctl32

InitCommonControlsEx

shell32

ShellExecuteExW
SHGetFolderLocation
SHGetPathFromIDListW

winmm

timeBeginPeriod

ole32

CoInitialize
CoTaskMemFree

shlwapi

PathAddBackslashW
PathRenameExtensionW
PathQuoteSpacesW
PathRemoveArgsW
PathRemoveBackslashW

Sections

.code
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12.4MB - Virtual size: 12.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
3DMark 11 Advanced Edition.bin
.exe windows:5 windows x86 arch:x86

fcf1390e9ce472c7270447fc5c61a0c1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Projects\WinRAR\sfx\build\sfxrar32\Release\sfxrar.pdb

Imports

kernel32

GetLastError
SetLastError
FormatMessageW
GetCurrentProcess
DeviceIoControl
SetFileTime
CloseHandle
CreateDirectoryW
RemoveDirectoryW
CreateFileW
DeleteFileW
CreateHardLinkW
GetShortPathNameW
GetLongPathNameW
MoveFileW
GetFileType
GetStdHandle
WriteFile
ReadFile
FlushFileBuffers
SetEndOfFile
SetFilePointer
SetFileAttributesW
GetFileAttributesW
FindClose
FindFirstFileW
FindNextFileW
GetVersionExW
GetCurrentDirectoryW
GetFullPathNameW
FoldStringW
GetModuleFileNameW
GetModuleHandleW
FindResourceW
FreeLibrary
GetProcAddress
GetCurrentProcessId
ExitProcess
SetThreadExecutionState
Sleep
LoadLibraryW
GetSystemDirectoryW
CompareStringW
AllocConsole
FreeConsole
AttachConsole
WriteConsoleW
GetProcessAffinityMask
CreateThread
SetThreadPriority
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SetEvent
ResetEvent
ReleaseSemaphore
WaitForSingleObject
CreateEventW
CreateSemaphoreW
GetSystemTime
SystemTimeToTzSpecificLocalTime
TzSpecificLocalTimeToSystemTime
SystemTimeToFileTime
FileTimeToLocalFileTime
LocalFileTimeToFileTime
FileTimeToSystemTime
GetCPInfo
IsDBCSLeadByte
MultiByteToWideChar
WideCharToMultiByte
GlobalAlloc
LockResource
GlobalLock
GlobalUnlock
GlobalFree
LoadResource
SizeofResource
SetCurrentDirectoryW
GetExitCodeProcess
GetLocalTime
GetTickCount
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
OpenFileMappingW
GetCommandLineW
SetEnvironmentVariableW
ExpandEnvironmentStringsW
GetTempPathW
MoveFileExW
GetLocaleInfoW
GetTimeFormatW
GetDateFormatW
GetNumberFormatW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
HeapSize
SetStdHandle
GetProcessHeap
RaiseException
GetSystemInfo
VirtualProtect
VirtualQuery
LoadLibraryExA
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
TerminateProcess
RtlUnwind
EncodePointer
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
QueryPerformanceFrequency
GetModuleHandleExW
GetModuleFileNameA
GetACP
HeapFree
HeapAlloc
HeapReAlloc
GetStringTypeW
LCMapStringW
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
DecodePointer

gdiplus

GdiplusShutdown
GdiplusStartup
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipDisposeImage
GdipCloneImage
GdipFree
GdipAlloc

Sections

.text
Size: 193KB - Virtual size: 193KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 232B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Archive.zip__ccacaxs2tbz2t6ob3e.bin
.exe windows:5 windows x86 arch:x86

ecc8b2d72205d5666936947a45fa8392

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
GetSystemTime
GetLocalTime
lstrlenW
GetModuleFileNameW
GetModuleHandleW
CreateProcessW
OutputDebugStringW
Sleep
GetTempFileNameW
GetVersionExW
GetVersion
MultiByteToWideChar
CopyFileW
WriteConsoleW
SetStdHandle
WaitForSingleObject
GetExitCodeProcess
TerminateProcess
GetProcAddress
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetLastError
RaiseException
InterlockedDecrement
GetTempPathW
DecodePointer
GetProcessHeap
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
HeapSize
GetConsoleMode
GetConsoleCP
FlushFileBuffers
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
HeapReAlloc
GetFileType
HeapAlloc
HeapFree
GetACP
WriteFile
GetStdHandle
FormatMessageW
WideCharToMultiByte
CreateDirectoryW
CreateFileW
FindClose
FindFirstFileExW
FindNextFileW
GetFileAttributesExW
SetFilePointerEx
GetStringTypeW
SetLastError
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
EncodePointer
CompareStringW
LCMapStringW
GetLocaleInfoW
IsDebuggerPresent
LocalFree
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
IsProcessorFeaturePresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead
RtlUnwind
FreeLibrary
LoadLibraryExW
ExitProcess
GetModuleHandleExW

user32

wvsprintfW

advapi32

GetUserNameW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegOpenKeyW
RegCreateKeyExW
RegCreateKeyW

shell32

SHGetFolderPathW

ole32

OleRun
CoUninitialize
CoCreateInstance
CoInitialize

oleaut32

GetErrorInfo
SysFreeString
SysAllocString
SysStringByteLen
SysAllocStringByteLen
VariantClear
VariantInit

wininet

HttpSendRequestW
HttpOpenRequestW
InternetConnectW
InternetCloseHandle
InternetOpenW
InternetReadFile

urlmon

URLDownloadToFileW

rpcrt4

UuidCreate
UuidToStringW

Sections

.text
Size: 289KB - Virtual size: 289KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CVE-2018-15982_PoC.swf
CVWSHSetup[1].bin.zip
.zip

Password: infected
WSHSetup[1].bin
.exe windows:5 windows x86 arch:x86

3c977911c8eee24abac5edc906e5e72c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeEnvironmentStringsW
LoadLibraryW
GetStringTypeW
HeapCreate
HeapSize
SetHandleCount
FlushFileBuffers
GetConsoleCP
LCMapStringW
IsValidCodePage
GetOEMCP
GetCPInfo
IsProcessorFeaturePresent
TerminateProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetEnvironmentStringsW
TlsFree
GetCurrentProcessId
TlsGetValue
TlsAlloc
GetStartupInfoW
HeapSetInformation
GetCommandLineA
VirtualQuery
GetSystemInfo
GetModuleHandleW
VirtualAlloc
VirtualProtect
GetModuleFileNameW
GetStdHandle
WriteConsoleW
HeapReAlloc
HeapFree
HeapAlloc
EncodePointer
DecodePointer
RtlUnwind
SetStdHandle
LocalFree
SetLastError
QueryPerformanceCounter
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetSystemTimeAsFileTime
TlsSetValue
CreateFileW
GetCommState
SetErrorMode
GetLogicalDrives
GetVolumePathNameW
GetVolumeNameForVolumeMountPointW
GetComputerNameExW
GetConsoleMode
CreateEventA
WaitForSingleObject
IsDBCSLeadByte
lstrcmpiA
LoadLibraryExA
lstrlenA
lstrlenW
InitializeCriticalSectionAndSpinCount
RaiseException
FreeLibrary
WriteFile
SetFileTime
CreateDirectoryA
DosDateTimeToFileTime
SystemTimeToFileTime
GetCurrentProcess
DuplicateHandle
GetFileType
SetFilePointer
ExitProcess
GetCurrentDirectoryA
GetModuleFileNameA
FindResourceA
LoadResource
FreeResource
SizeofResource
LockResource
GetLastError
GetModuleHandleA
WideCharToMultiByte
GlobalAlloc
GlobalLock
GlobalUnlock
CreateFileA
GetFileSize
CloseHandle
ReadFile
InterlockedIncrement
InterlockedDecrement
LoadLibraryA
GetProcAddress
GetACP
MultiByteToWideChar
MulDiv
GetTickCount
GetLocalTime
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetVersionExA
InitializeCriticalSection
Sleep
GetCurrentThreadId

user32

MessageBoxA
SetWindowRgn
wvsprintfA
OffsetRect
SystemParametersInfoA
CharPrevA
DrawTextA
UnionRect
GetActiveWindow
GetUpdateRect
IsWindowVisible
SetRect
MessageBoxW
GetDlgItem
CheckMenuRadioItem
GetDCEx
IsZoomed
GetWindowRect
UpdateWindow
MoveWindow
DestroyWindow
ReleaseDC
GetDC
ReleaseCapture
SetCapture
FillRect
LockWindowUpdate
SetClassLongA
GetClassLongA
AttachThreadInput
CopyImage
SetScrollPos
AppendMenuW
TrackPopupMenu
InvalidateRect
InvalidateRgn
DefWindowProcA
GetMenuCheckMarkDimensions
GetClientRect
SetTimer
EndPaint
BeginPaint
PtInRect
ScreenToClient
ClientToScreen
GetGUIThreadInfo
ShowWindow
SetFocus
SetCursor
LoadCursorA
CharNextA
IntersectRect
GetParent
GetMonitorInfoA
MonitorFromWindow
MapWindowPoints
GetFocus
GetCursorPos
SendMessageA
SetWindowPos
IsRectEmpty
GetWindowTextLengthA
EnableWindow
SetWindowTextA
GetCaretPos
GetCaretBlinkTime
GetWindowTextA
CreateCaret
HideCaret
ShowCaret
SetCaretPos
GetSysColor
GetKeyState
GetWindowLongA
KillTimer
PostMessageA
SetPropA
GetPropA
CallWindowProcA
GetClassInfoExA
CreateWindowExA
SetWindowLongA
IsWindow
DispatchMessageA
TranslateMessage
GetMessageA
DialogBoxIndirectParamA
EnableMenuItem
GetSystemMenu
CreateAcceleratorTableA
RegisterClassExA
RegisterClassA
GetWindow
IsIconic

gdi32

GetStockObject
CreateFontIndirectA
GetObjectA
SetBkMode
SetTextColor
CreatePatternBrush
CreateSolidBrush
DeleteObject
GetDeviceCaps
RoundRect
TextOutA
CreatePen
GetCharABCWidthsA
ExtSelectClipRgn
GdiFlush
CreateFontA
Escape
ExtEscape
EnumObjects
CreateDCA
SetDCPenColor
DeleteDC
SetWindowOrgEx
Rectangle
RestoreDC
BitBlt
SaveDC
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
GetTextMetricsA
SelectClipRgn
CombineRgn
CreateRectRgnIndirect
GetClipBox
CreateRoundRectRgn
StretchBlt
SetStretchBltMode
ExtTextOutA
SetBkColor
LineTo
MoveToEx
GetTextExtentPoint32A
CreateDIBSection
CreatePenIndirect

comdlg32

GetOpenFileNameA

advapi32

MakeAbsoluteSD2
RegCloseKey
RegDeleteKeyA
RegCreateKeyExA
RegOpenKeyExA
RegEnumKeyExA
IsValidSecurityDescriptor
LookupPrivilegeValueW
LsaAddAccountRights
LookupPrivilegeNameA
RegSetValueExA
RegQueryInfoKeyW
RegDeleteValueA

shell32

ShellExecuteA

ole32

OleLockRunning
CoInitialize
CoUninitialize
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
OleInitialize
OleUninitialize
CreateStreamOnHGlobal
CoCreateInstance
CLSIDFromString
CLSIDFromProgID

oleaut32

BSTR_UserSize
VarUI4FromStr
SysAllocStringLen
VariantInit
VariantClear
SysFreeString
SysAllocString

gdiplus

GdipGetImageWidth
GdipGetImageHeight
GdipGetPropertyItemSize
GdipGetPropertyItem
GdipGetFamily
GdipCreateFontFromDC
GdipCloneBrush
GdipSetTextRenderingHint
GdipCreateStringFormat
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipCreateLineBrushI
GdipCreateBitmapFromScan0
GdipGetImageGraphicsContext
GdipSetSmoothingMode
GdipSetCompositingQuality
GdipSetInterpolationMode
GdipSetPixelOffsetMode
GdipDrawString
GdipGraphicsClear
GdipDrawImage
GdipDeleteFontFamily
GdipDeleteBrush
GdipDeleteStringFormat
GdipDeleteFont
GdiplusShutdown
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipFree
GdipAlloc
GdipLoadImageFromStreamICM
GdipLoadImageFromStream
GdipCreateFromHDC
GdipDrawImageRectI
GdipImageSelectActiveFrame
GdipDeleteGraphics
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipCreateFontFromLogfontA

imm32

ImmSetCompositionFontA
ImmSetCompositionWindow
ImmGetContext
ImmReleaseContext

comctl32

_TrackMouseEvent
ord17

winmm

mmioWrite
mmioCreateChunk
mmioOpenW
mmioAscend

urlmon

CreateAsyncBindCtx

msacm32

acmDriverOpen

netapi32

NetWkstaUserGetInfo

iphlpapi

GetIpNetTable

avifil32

AVIMakeCompressedStream

wsnmp32

ord501

d2d1

ord1

dwrite

DWriteCreateFactory

Sections

.text
Size: 612KB - Virtual size: 612KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 113KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 122KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
DiskInternals_Uneraser_v5_keygen.bin
.exe windows:5 windows x86 arch:x86

fcf1390e9ce472c7270447fc5c61a0c1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Projects\WinRAR\sfx\build\sfxrar32\Release\sfxrar.pdb

Imports

kernel32

GetLastError
SetLastError
FormatMessageW
GetCurrentProcess
DeviceIoControl
SetFileTime
CloseHandle
CreateDirectoryW
RemoveDirectoryW
CreateFileW
DeleteFileW
CreateHardLinkW
GetShortPathNameW
GetLongPathNameW
MoveFileW
GetFileType
GetStdHandle
WriteFile
ReadFile
FlushFileBuffers
SetEndOfFile
SetFilePointer
SetFileAttributesW
GetFileAttributesW
FindClose
FindFirstFileW
FindNextFileW
GetVersionExW
GetCurrentDirectoryW
GetFullPathNameW
FoldStringW
GetModuleFileNameW
GetModuleHandleW
FindResourceW
FreeLibrary
GetProcAddress
GetCurrentProcessId
ExitProcess
SetThreadExecutionState
Sleep
LoadLibraryW
GetSystemDirectoryW
CompareStringW
AllocConsole
FreeConsole
AttachConsole
WriteConsoleW
GetProcessAffinityMask
CreateThread
SetThreadPriority
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SetEvent
ResetEvent
ReleaseSemaphore
WaitForSingleObject
CreateEventW
CreateSemaphoreW
GetSystemTime
SystemTimeToTzSpecificLocalTime
TzSpecificLocalTimeToSystemTime
SystemTimeToFileTime
FileTimeToLocalFileTime
LocalFileTimeToFileTime
FileTimeToSystemTime
GetCPInfo
IsDBCSLeadByte
MultiByteToWideChar
WideCharToMultiByte
GlobalAlloc
LockResource
GlobalLock
GlobalUnlock
GlobalFree
LoadResource
SizeofResource
SetCurrentDirectoryW
GetExitCodeProcess
GetLocalTime
GetTickCount
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
OpenFileMappingW
GetCommandLineW
SetEnvironmentVariableW
ExpandEnvironmentStringsW
GetTempPathW
MoveFileExW
GetLocaleInfoW
GetTimeFormatW
GetDateFormatW
GetNumberFormatW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
HeapSize
SetStdHandle
GetProcessHeap
RaiseException
GetSystemInfo
VirtualProtect
VirtualQuery
LoadLibraryExA
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
TerminateProcess
RtlUnwind
EncodePointer
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
QueryPerformanceFrequency
GetModuleHandleExW
GetModuleFileNameA
GetACP
HeapFree
HeapAlloc
HeapReAlloc
GetStringTypeW
LCMapStringW
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
DecodePointer

gdiplus

GdiplusShutdown
GdiplusStartup
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipDisposeImage
GdipCloneImage
GdipFree
GdipAlloc

Sections

.text
Size: 193KB - Virtual size: 193KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 232B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ForceOp 2.8.7 - By RaiSence.bin
.exe windows:5 windows x86 arch:x86

fcf1390e9ce472c7270447fc5c61a0c1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Projects\WinRAR\sfx\build\sfxrar32\Release\sfxrar.pdb

Imports

kernel32

GetLastError
SetLastError
FormatMessageW
GetCurrentProcess
DeviceIoControl
SetFileTime
CloseHandle
CreateDirectoryW
RemoveDirectoryW
CreateFileW
DeleteFileW
CreateHardLinkW
GetShortPathNameW
GetLongPathNameW
MoveFileW
GetFileType
GetStdHandle
WriteFile
ReadFile
FlushFileBuffers
SetEndOfFile
SetFilePointer
SetFileAttributesW
GetFileAttributesW
FindClose
FindFirstFileW
FindNextFileW
GetVersionExW
GetCurrentDirectoryW
GetFullPathNameW
FoldStringW
GetModuleFileNameW
GetModuleHandleW
FindResourceW
FreeLibrary
GetProcAddress
GetCurrentProcessId
ExitProcess
SetThreadExecutionState
Sleep
LoadLibraryW
GetSystemDirectoryW
CompareStringW
AllocConsole
FreeConsole
AttachConsole
WriteConsoleW
GetProcessAffinityMask
CreateThread
SetThreadPriority
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SetEvent
ResetEvent
ReleaseSemaphore
WaitForSingleObject
CreateEventW
CreateSemaphoreW
GetSystemTime
SystemTimeToTzSpecificLocalTime
TzSpecificLocalTimeToSystemTime
SystemTimeToFileTime
FileTimeToLocalFileTime
LocalFileTimeToFileTime
FileTimeToSystemTime
GetCPInfo
IsDBCSLeadByte
MultiByteToWideChar
WideCharToMultiByte
GlobalAlloc
LockResource
GlobalLock
GlobalUnlock
GlobalFree
LoadResource
SizeofResource
SetCurrentDirectoryW
GetExitCodeProcess
GetLocalTime
GetTickCount
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
OpenFileMappingW
GetCommandLineW
SetEnvironmentVariableW
ExpandEnvironmentStringsW
GetTempPathW
MoveFileExW
GetLocaleInfoW
GetTimeFormatW
GetDateFormatW
GetNumberFormatW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
HeapSize
SetStdHandle
GetProcessHeap
RaiseException
GetSystemInfo
VirtualProtect
VirtualQuery
LoadLibraryExA
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
TerminateProcess
RtlUnwind
EncodePointer
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
QueryPerformanceFrequency
GetModuleHandleExW
GetModuleFileNameA
GetACP
HeapFree
HeapAlloc
HeapReAlloc
GetStringTypeW
LCMapStringW
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
DecodePointer

gdiplus

GdiplusShutdown
GdiplusStartup
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipDisposeImage
GdipCloneImage
GdipFree
GdipAlloc

Sections

.text
Size: 193KB - Virtual size: 193KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 232B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HYDRA.bin
.exe windows:4 windows x86 arch:x86

3abe302b6d9a1256e6a915429af4ffd2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTempPathA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
SetEnvironmentVariableA
Sleep
GetTickCount
GetCommandLineA
lstrlenA
GetVersion
SetErrorMode
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GetWindowsDirectoryA
SetCurrentDirectoryA
GetLastError
CreateDirectoryA
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
ReadFile
WriteFile
lstrcpyA
MoveFileExA
lstrcatA
GetSystemDirectoryA
GetProcAddress
GetExitCodeProcess
WaitForSingleObject
CompareFileTime
SetFileAttributesA
GetFileAttributesA
GetShortPathNameA
MoveFileA
GetFullPathNameA
SetFileTime
SearchPathA
CloseHandle
lstrcmpiA
CreateThread
GlobalLock
lstrcmpA
FindFirstFileA
FindNextFileA
DeleteFileA
SetFilePointer
GetPrivateProfileStringA
FindClose
MultiByteToWideChar
FreeLibrary
MulDiv
WritePrivateProfileStringA
LoadLibraryExA
GetModuleHandleA
GlobalAlloc
GlobalFree
ExpandEnvironmentStringsA

user32

ScreenToClient
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
PostQuitMessage
GetWindowRect
EnableMenuItem
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
ReleaseDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndDialog
RegisterClassA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
ExitWindowsEx
GetDC
CreateDialogParamA
SetTimer
GetDlgItem
SetWindowLongA
SetForegroundWindow
LoadImageA
IsWindow
SendMessageTimeoutA
FindWindowExA
OpenClipboard
TrackPopupMenu
AppendMenuA
EndPaint
DestroyWindow
wsprintfA
ShowWindow
SetWindowTextA

gdi32

SelectObject
SetBkMode
CreateFontIndirectA
SetTextColor
DeleteObject
GetDeviceCaps
CreateBrushIndirect
SetBkColor

shell32

SHGetSpecialFolderLocation
ShellExecuteExA
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
SHFileOperationA

advapi32

AdjustTokenPrivileges
RegCreateKeyExA
RegOpenKeyExA
SetFileSecurityA
OpenProcessToken
LookupPrivilegeValueA
RegEnumValueA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegSetValueExA
RegQueryValueExA
RegEnumKeyA

comctl32

ImageList_Create
ImageList_AddMasked
ImageList_Destroy
ord17

ole32

OleUninitialize
OleInitialize
CoTaskMemFree
CoCreateInstance

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
#/power.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 428KB - Virtual size: 428KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
#/sant.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
#/ufx.exe
.exe windows:5 windows x86 arch:x86

3eaa732d4dae53340f9646bdd85dac41

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Projects\WinRAR\SFX\build\sfxrar32\Release\sfxrar.pdb

Imports

comctl32

InitCommonControlsEx

shlwapi

SHAutoComplete

kernel32

ReadFile
GetFileAttributesW
SetFileAttributesW
FindNextFileW
GetFullPathNameW
GetModuleFileNameW
FindResourceW
GetModuleHandleW
FreeLibrary
GetProcAddress
LoadLibraryW
GetCurrentProcessId
GetLocaleInfoW
GetNumberFormatW
ExpandEnvironmentStringsW
WaitForSingleObject
DosDateTimeToFileTime
GetDateFormatW
GetTimeFormatW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetExitCodeProcess
GetTempPathW
MoveFileExW
Sleep
UnmapViewOfFile
MapViewOfFile
GetCommandLineW
CreateFileMappingW
GetTickCount
SetEnvironmentVariableW
OpenFileMappingW
CreateThread
EnterCriticalSection
LeaveCriticalSection
GetProcessAffinityMask
ReleaseSemaphore
ResetEvent
DeleteCriticalSection
SetEvent
SetThreadPriority
InitializeCriticalSection
CreateEventW
CreateSemaphoreW
SystemTimeToFileTime
GetSystemTime
LocalFileTimeToFileTime
WideCharToMultiByte
MultiByteToWideChar
CompareStringW
IsDBCSLeadByte
FindFirstFileW
GetFileType
SetCurrentDirectoryW
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LoadLibraryA
GetConsoleMode
GetConsoleCP
InitializeCriticalSectionAndSpinCount
QueryPerformanceCounter
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetACP
GetModuleFileNameA
ExitProcess
HeapSize
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
VirtualAlloc
VirtualFree
HeapCreate
InterlockedDecrement
GetCurrentThreadId
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStartupInfoA
GetCommandLineA
RaiseException
GetSystemTimeAsFileTime
SetEndOfFile
SetFilePointer
GetStdHandle
WriteFile
FlushFileBuffers
GetLongPathNameW
MoveFileW
GetShortPathNameW
CreateDirectoryW
RemoveDirectoryW
GlobalAlloc
DeleteFileW
FindClose
CreateFileW
DeviceIoControl
SetFileTime
GetCurrentProcess
CloseHandle
CreateHardLinkW
SetLastError
GetLastError
GetCurrentDirectoryW
CreateFileA
GetCPInfo
HeapAlloc
HeapReAlloc
HeapFree
RtlUnwind

user32

EnableWindow
ShowWindow
GetDlgItem
MessageBoxW
FindWindowExW
GetParent
MapWindowPoints
CreateWindowExW
UpdateWindow
LoadCursorW
RegisterClassExW
DefWindowProcW
DestroyWindow
CopyRect
IsWindow
CharUpperW
OemToCharBuffA
LoadIconW
PostMessageW
GetSysColor
SetForegroundWindow
WaitForInputIdle
IsWindowVisible
DialogBoxParamW
DestroyIcon
SetFocus
GetClassNameW
SendDlgItemMessageW
EndDialog
GetDlgItemTextW
SetDlgItemTextW
wvsprintfW
SendMessageW
GetDC
ReleaseDC
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
LoadStringW
GetWindowRect
GetClientRect
SetWindowPos
GetWindowTextW
SetWindowTextW
GetSystemMetrics
GetWindow
GetWindowLongW
SetWindowLongW
LoadBitmapW

gdi32

GetDeviceCaps
CreateCompatibleDC
GetObjectW
CreateCompatibleBitmap
SelectObject
StretchBlt
DeleteDC
DeleteObject

comdlg32

GetSaveFileNameW
CommDlgExtendedError
GetOpenFileNameW

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
RegSetValueExW
RegCloseKey
SetFileSecurityW
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges

shell32

SHChangeNotify
SHGetFileInfoW
SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHBrowseForFolderW
ShellExecuteExW
SHFileOperationW

ole32

CLSIDFromString
CoCreateInstance
OleInitialize
OleUninitialize
CreateStreamOnHGlobal

oleaut32

VariantInit

Sections

.text
Size: 148KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
#/va.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 12B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Keygen.bin
.exe windows:4 windows x86 arch:x86

06ac1f21ee2a357ffb0dd7db52cbbb13

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset
strncpy
_strnicmp
strncmp
strlen
strcmp
memmove
memcpy
sprintf

kernel32

GetModuleHandleA
HeapCreate
RemoveDirectoryA
GetShortPathNameA
HeapDestroy
ExitProcess
GetTempFileNameA
FindResourceA
LoadResource
SizeofResource
GetExitCodeProcess
HeapFree
HeapAlloc
LoadLibraryA
GetProcAddress
FreeLibrary
GetCurrentThreadId
GetCurrentProcessId
InitializeCriticalSection
GetCommandLineA
GetModuleFileNameA
GetEnvironmentVariableA
SetEnvironmentVariableA
CloseHandle
GetCurrentProcess
TerminateProcess
SetUnhandledExceptionFilter
GetVersionExA
Sleep
HeapReAlloc
EnterCriticalSection
LeaveCriticalSection
SetLastError
GetCurrentDirectoryA
SetCurrentDirectoryA
DeleteFileA
GetTempPathA
CreateDirectoryA
WriteFile
CreateFileA
SetFilePointer
ReadFile

comctl32

InitCommonControls
InitCommonControlsEx

user32

MessageBoxA
SendMessageA
GetWindowThreadProcessId
IsWindowVisible
IsWindowEnabled
GetForegroundWindow
EnableWindow
EnumWindows
DestroyWindow
GetSysColor
GetSysColorBrush
CreateWindowExA
GetWindowLongA
PostMessageA
CallWindowProcA
SetWindowLongA
SetFocus
GetWindowTextLengthA
GetWindowTextA
RedrawWindow
RemovePropA
DefWindowProcA
SetPropA
GetParent
GetPropA
GetWindow
SetActiveWindow
UnregisterClassA
DestroyAcceleratorTable
LoadIconA
LoadCursorA
RegisterClassA
AdjustWindowRect
GetSystemMetrics
GetActiveWindow
GetWindowRect
ShowWindow
CreateAcceleratorTableA
PeekMessageA
MsgWaitForMultipleObjects
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
SetCursorPos
LoadImageA
SetCursor
MapWindowPoints
MoveWindow
SystemParametersInfoA
GetKeyState
SetCapture
GetCursorPos
ReleaseCapture
GetClientRect
FillRect
EnumChildWindows
DefFrameProcA
GetFocus
IsChild
GetClassNameA

gdi32

GetStockObject
SetBkColor
SetTextColor
CreateSolidBrush
DeleteObject

ole32

CoInitialize
CoTaskMemFree
RevokeDragDrop

shell32

ShellExecuteExA

shlwapi

PathQuoteSpacesA

Sections

.code
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 814KB - Virtual size: 814KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Lonelyscreen.1.2.9.keygen.by.Paradox.zip
.zip
LtHv0O2KZDK4M637.bin
.exe windows:5 windows x86 arch:x86

eb97e4fc5518ac300a92a11673825e0b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

WSACleanup
socket
inet_ntoa
setsockopt
ntohs
recvfrom
ioctlsocket
htons
WSAStartup
__WSAFDIsSet
select
accept
listen
bind
closesocket
WSAGetLastError
recv
sendto
send
inet_addr
gethostbyname
gethostname
connect

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

winmm

timeGetTime
waveOutSetVolume
mciSendStringW

comctl32

ImageList_ReplaceIcon
ImageList_Destroy
ImageList_Remove
ImageList_SetDragCursorImage
ImageList_BeginDrag
ImageList_DragEnter
ImageList_DragLeave
ImageList_EndDrag
ImageList_DragMove
InitCommonControlsEx
ImageList_Create

mpr

WNetUseConnectionW
WNetCancelConnection2W
WNetGetConnectionW
WNetAddConnection2W

wininet

InternetQueryDataAvailable
InternetCloseHandle
InternetOpenW
InternetSetOptionW
InternetCrackUrlW
HttpQueryInfoW
InternetQueryOptionW
HttpOpenRequestW
HttpSendRequestW
FtpOpenFileW
FtpGetFileSize
InternetOpenUrlW
InternetReadFile
InternetConnectW

psapi

GetProcessMemoryInfo

iphlpapi

IcmpCreateFile
IcmpCloseHandle
IcmpSendEcho

userenv

DestroyEnvironmentBlock
UnloadUserProfile
CreateEnvironmentBlock
LoadUserProfileW

uxtheme

IsThemeActive

kernel32

DuplicateHandle
CreateThread
WaitForSingleObject
HeapAlloc
GetProcessHeap
HeapFree
Sleep
GetCurrentThreadId
MultiByteToWideChar
MulDiv
GetVersionExW
IsWow64Process
GetSystemInfo
FreeLibrary
LoadLibraryA
GetProcAddress
SetErrorMode
GetModuleFileNameW
WideCharToMultiByte
lstrcpyW
lstrlenW
GetModuleHandleW
QueryPerformanceCounter
VirtualFreeEx
OpenProcess
VirtualAllocEx
WriteProcessMemory
ReadProcessMemory
CreateFileW
SetFilePointerEx
SetEndOfFile
ReadFile
WriteFile
FlushFileBuffers
TerminateProcess
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
SetFileTime
GetFileAttributesW
FindFirstFileW
SetCurrentDirectoryW
GetLongPathNameW
GetShortPathNameW
DeleteFileW
FindNextFileW
CopyFileExW
MoveFileW
CreateDirectoryW
RemoveDirectoryW
SetSystemPowerState
QueryPerformanceFrequency
FindResourceW
LoadResource
LockResource
SizeofResource
EnumResourceNamesW
OutputDebugStringW
GetTempPathW
GetTempFileNameW
DeviceIoControl
GetLocalTime
CompareStringW
GetCurrentProcess
EnterCriticalSection
LeaveCriticalSection
GetStdHandle
CreatePipe
InterlockedExchange
TerminateThread
LoadLibraryExW
FindResourceExW
CopyFileW
VirtualFree
FormatMessageW
GetExitCodeProcess
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileSectionW
WritePrivateProfileSectionW
GetPrivateProfileSectionNamesW
FileTimeToLocalFileTime
FileTimeToSystemTime
SystemTimeToFileTime
LocalFileTimeToFileTime
GetDriveTypeW
GetDiskFreeSpaceExW
GetDiskFreeSpaceW
GetVolumeInformationW
SetVolumeLabelW
CreateHardLinkW
SetFileAttributesW
CreateEventW
SetEvent
GetEnvironmentVariableW
SetEnvironmentVariableW
GlobalLock
GlobalUnlock
GlobalAlloc
GetFileSize
GlobalFree
GlobalMemoryStatusEx
Beep
GetSystemDirectoryW
HeapReAlloc
HeapSize
GetComputerNameW
GetWindowsDirectoryW
GetCurrentProcessId
GetProcessIoCounters
CreateProcessW
GetProcessId
SetPriorityClass
LoadLibraryW
VirtualAlloc
IsDebuggerPresent
GetCurrentDirectoryW
lstrcmpiW
DecodePointer
GetLastError
RaiseException
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
InterlockedDecrement
InterlockedIncrement
GetCurrentThread
CloseHandle
GetFullPathNameW
EncodePointer
ExitProcess
GetModuleHandleExW
ExitThread
GetSystemTimeAsFileTime
ResumeThread
GetCommandLineW
IsProcessorFeaturePresent
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
SetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetStringTypeW
SetStdHandle
GetFileType
GetConsoleCP
GetConsoleMode
RtlUnwind
ReadConsoleW
GetTimeZoneInformation
GetDateFormatW
GetTimeFormatW
LCMapStringW
GetEnvironmentStringsW
FreeEnvironmentStringsW
WriteConsoleW
FindClose
SetEnvironmentVariableA

user32

AdjustWindowRectEx
CopyImage
SetWindowPos
GetCursorInfo
RegisterHotKey
ClientToScreen
GetKeyboardLayoutNameW
IsCharAlphaW
IsCharAlphaNumericW
IsCharLowerW
IsCharUpperW
GetMenuStringW
GetSubMenu
GetCaretPos
IsZoomed
MonitorFromPoint
GetMonitorInfoW
SetWindowLongW
SetLayeredWindowAttributes
FlashWindow
GetClassLongW
TranslateAcceleratorW
IsDialogMessageW
GetSysColor
InflateRect
DrawFocusRect
DrawTextW
FrameRect
DrawFrameControl
FillRect
PtInRect
DestroyAcceleratorTable
CreateAcceleratorTableW
SetCursor
GetWindowDC
GetSystemMetrics
GetActiveWindow
CharNextW
wsprintfW
RedrawWindow
DrawMenuBar
DestroyMenu
SetMenu
GetWindowTextLengthW
CreateMenu
IsDlgButtonChecked
DefDlgProcW
CallWindowProcW
ReleaseCapture
SetCapture
CreateIconFromResourceEx
mouse_event
ExitWindowsEx
SetActiveWindow
FindWindowExW
EnumThreadWindows
SetMenuDefaultItem
InsertMenuItemW
IsMenu
TrackPopupMenuEx
GetCursorPos
DeleteMenu
SetRect
GetMenuItemID
GetMenuItemCount
SetMenuItemInfoW
GetMenuItemInfoW
SetForegroundWindow
IsIconic
FindWindowW
MonitorFromRect
keybd_event
SendInput
GetAsyncKeyState
SetKeyboardState
GetKeyboardState
GetKeyState
VkKeyScanW
LoadStringW
DialogBoxParamW
MessageBeep
EndDialog
SendDlgItemMessageW
GetDlgItem
SetWindowTextW
CopyRect
ReleaseDC
GetDC
EndPaint
BeginPaint
GetClientRect
GetMenu
DestroyWindow
EnumWindows
GetDesktopWindow
IsWindow
IsWindowEnabled
IsWindowVisible
EnableWindow
InvalidateRect
GetWindowLongW
GetWindowThreadProcessId
AttachThreadInput
GetFocus
GetWindowTextW
ScreenToClient
SendMessageTimeoutW
EnumChildWindows
CharUpperBuffW
GetParent
GetDlgCtrlID
SendMessageW
MapVirtualKeyW
PostMessageW
GetWindowRect
SetUserObjectSecurity
CloseDesktop
CloseWindowStation
OpenDesktopW
SetProcessWindowStation
GetProcessWindowStation
OpenWindowStationW
GetUserObjectSecurity
MessageBoxW
DefWindowProcW
SetClipboardData
EmptyClipboard
CountClipboardFormats
CloseClipboard
GetClipboardData
IsClipboardFormatAvailable
OpenClipboard
BlockInput
GetMessageW
LockWindowUpdate
DispatchMessageW
TranslateMessage
PeekMessageW
UnregisterHotKey
CheckMenuRadioItem
CharLowerBuffW
MoveWindow
SetFocus
PostQuitMessage
KillTimer
CreatePopupMenu
RegisterWindowMessageW
SetTimer
ShowWindow
CreateWindowExW
RegisterClassExW
LoadIconW
LoadCursorW
GetSysColorBrush
GetForegroundWindow
MessageBoxA
DestroyIcon
SystemParametersInfoW
LoadImageW
GetClassNameW

gdi32

StrokePath
DeleteObject
GetTextExtentPoint32W
ExtCreatePen
GetDeviceCaps
EndPath
SetPixel
CloseFigure
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
StretchBlt
GetDIBits
LineTo
AngleArc
MoveToEx
Ellipse
DeleteDC
GetPixel
CreateDCW
GetStockObject
GetTextFaceW
CreateFontW
SetTextColor
PolyDraw
BeginPath
Rectangle
SetViewportOrgEx
GetObjectW
SetBkMode
RoundRect
SetBkColor
CreatePen
CreateSolidBrush
StrokeAndFillPath

comdlg32

GetOpenFileNameW
GetSaveFileNameW

advapi32

GetAce
RegEnumValueW
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyExW
RegSetValueExW
RegOpenKeyExW
RegCloseKey
RegQueryValueExW
RegConnectRegistryW
InitializeSecurityDescriptor
InitializeAcl
AdjustTokenPrivileges
OpenThreadToken
OpenProcessToken
LookupPrivilegeValueW
DuplicateTokenEx
CreateProcessAsUserW
CreateProcessWithLogonW
GetLengthSid
CopySid
LogonUserW
AllocateAndInitializeSid
CheckTokenMembership
RegCreateKeyExW
FreeSid
GetTokenInformation
GetSecurityDescriptorDacl
GetAclInformation
AddAce
SetSecurityDescriptorDacl
GetUserNameW
InitiateSystemShutdownExW

shell32

DragQueryPoint
ShellExecuteExW
DragQueryFileW
SHEmptyRecycleBinW
SHGetPathFromIDListW
SHBrowseForFolderW
SHCreateShellItem
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetFolderPathW
SHFileOperationW
ExtractIconExW
Shell_NotifyIconW
ShellExecuteW
DragFinish

ole32

CoTaskMemAlloc
CoTaskMemFree
CLSIDFromString
ProgIDFromCLSID
CLSIDFromProgID
OleSetMenuDescriptor
MkParseDisplayName
OleSetContainedObject
CoCreateInstance
IIDFromString
StringFromGUID2
CreateStreamOnHGlobal
OleInitialize
OleUninitialize
CoInitialize
CoUninitialize
GetRunningObjectTable
CoGetInstanceFromFile
CoGetObject
CoSetProxyBlanket
CoCreateInstanceEx
CoInitializeSecurity

oleaut32

LoadTypeLibEx
VariantCopyInd
SysReAllocString
SysFreeString
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayAllocData
SafeArrayAllocDescriptorEx
SafeArrayCreateVector
RegisterTypeLi
CreateStdDispatch
DispCallFunc
VariantChangeType
SysStringLen
VariantTimeToSystemTime
VarR8FromDec
SafeArrayGetVartype
VariantCopy
VariantClear
OleLoadPicture
QueryPathOfRegTypeLi
RegisterTypeLibForUser
UnRegisterTypeLibForUser
UnRegisterTypeLi
CreateDispTypeInfo
SysAllocString
VariantInit

Sections

.text
Size: 567KB - Virtual size: 567KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 184KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9.8MB - Virtual size: 9.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
OnlineInstaller.bin
.exe windows:5 windows x86 arch:x86

5bd730b74335de2d8c76ffbc12562b9c

Code Sign

4b:09:b3:90:25:06:78:23:32:99:e9:10:70:86:52:e0
Certificate

Issuer

CN=WoSign Class 3 Code Signing CA,O=WoSign CA Limited,C=CN

Not Before

14-05-2015 06:20

Not After

14-05-2016 06:51

Subject

CN=Shanghai Talkus Information Co.LTD.,O=Shanghai Talkus Information Co.LTD.,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageDigitalSignature

6b:da:df:ef:f0:66:1b:d2:64:2a:f4:6e:cb:b2:79:40
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09-07-1999 18:31

Not After

09-07-2019 18:40

Subject

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

46:bb:b3:40:fa:b9:c1:79:28:93:8c:93:da:10:86:79
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08-08-2009 01:00

Not After

08-08-2024 01:00

Subject

CN=WoSign Class 3 Code Signing CA,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

bd:97:4f:10:ca:6a:09:15:96:cd:31:82:d7:81:68:8f:5d:52:1f:5d
Signer

Actual PE Digest

bd:97:4f:10:ca:6a:09:15:96:cd:31:82:d7:81:68:8f:5d:52:1f:5d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\john\Desktop\PRC20180304\Release\InstallerDrvMini.pdb

Imports

kernel32

CreateEventW
SetEvent
SetFilePointer
GetTempPathW
CopyFileW
GetCommandLineW
GetSystemInfo
CreateThread
FlushFileBuffers
GetModuleFileNameW
SizeofResource
LoadLibraryW
GetSystemDirectoryW
GetModuleHandleW
WaitForSingleObject
LockResource
CreateDirectoryW
GetCurrentProcess
CreateProcessW
LoadResource
FreeLibrary
FindResourceW
GetNativeSystemInfo
GetFullPathNameW
GetSystemDefaultLangID
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
HeapFree
HeapAlloc
LoadLibraryA
GetProcAddress
SystemTimeToFileTime
CloseHandle
DeleteCriticalSection
DecodePointer
GetLastError
RaiseException
CreateFileW
ReadFile
WriteConsoleW
SetStdHandle
SetFilePointerEx
GetConsoleMode
GetConsoleCP
LoadLibraryExW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetOEMCP
IsValidCodePage
GetCurrentThreadId
HeapSize
GetStdHandle
GetModuleHandleExW
LCMapStringW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
Sleep
InitializeCriticalSectionAndSpinCount
WriteFile
GetTickCount
GetFileSize
SetCurrentDirectoryW
GetCurrentDirectoryW
GetACP
FreeResource
ExitProcess
MulDiv
GetFileType
SetFileTime
DuplicateHandle
DosDateTimeToFileTime
GetLocalTime
InterlockedIncrement
InterlockedDecrement
GlobalAlloc
GlobalLock
GlobalUnlock
EncodePointer
EnterCriticalSection
LeaveCriticalSection
GetStringTypeW
IsDebuggerPresent
OutputDebugStringW
IsProcessorFeaturePresent
RtlUnwind
HeapReAlloc
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
TerminateProcess

user32

PostQuitMessage
GetActiveWindow
GetSystemMetrics
MessageBoxW
GetGUIThreadInfo
InvalidateRgn
CreateAcceleratorTableW
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
GetWindowRgn
MoveWindow
GetSysColor
ClientToScreen
GetCaretPos
SetCaretPos
ShowCaret
HideCaret
GetCaretBlinkTime
CreateCaret
SetRect
wsprintfW
GetMessageW
TranslateMessage
DispatchMessageW
SendMessageW
PostMessageW
DefWindowProcW
CallWindowProcW
RegisterClassW
RegisterClassExW
GetClassInfoExW
CreateWindowExW
IsWindow
ShowWindow
SetWindowPos
IsIconic
SetFocus
EnableWindow
GetMenu
SetPropW
GetPropW
GetClientRect
GetWindowRect
AdjustWindowRectEx
GetWindowLongW
SetWindowLongW
GetParent
GetWindow
LoadCursorW
LoadImageW
MonitorFromWindow
GetMonitorInfoW
DestroyWindow
IsWindowVisible
CharNextW
GetFocus
GetKeyState
SetCapture
ReleaseCapture
SetTimer
KillTimer
GetDC
ReleaseDC
BeginPaint
EndPaint
GetUpdateRect
InvalidateRect
GetCursorPos
ScreenToClient
MapWindowPoints
IntersectRect
UnionRect
IsRectEmpty
PtInRect
wvsprintfW
SetCursor
InflateRect
OffsetRect
IsZoomed
SetWindowRgn
CharPrevW
DrawTextW
FillRect

advapi32

RegOpenKeyExA
LookupPrivilegeValueW
RegQueryInfoKeyW
RegQueryValueExW
OpenSCManagerW
OpenProcessToken
CloseServiceHandle
CreateServiceW
RegOpenKeyExW
RegEnumKeyExW
AdjustTokenPrivileges
RegCloseKey
RegSetValueExW
RegOpenKeyW
StartServiceW

ole32

CLSIDFromProgID
OleLockRunning
CoCreateInstance
CoUninitialize
CoInitialize
CreateStreamOnHGlobal
CLSIDFromString
CoCreateGuid

iphlpapi

GetAdaptersInfo

wininet

HttpQueryInfoA
InternetConnectA
HttpOpenRequestA
HttpSendRequestA
InternetOpenA
InternetCloseHandle

gdiplus

GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdipCreateLineBrushI
GdipDeleteBrush
GdipDrawString
GdiplusShutdown
GdiplusStartup
GdipFree
GdipAlloc
GdipGetFamily
GdipDeleteFont
GdipCreateFontFromLogfontA
GdipCreateFontFromDC
GdipDeleteFontFamily
GdipDrawImageRectI
GdipDrawImage
GdipGraphicsClear
GdipCreateBitmapFromScan0
GdipSetInterpolationMode
GdipSetTextRenderingHint
GdipSetPixelOffsetMode
GdipSetSmoothingMode
GdipSetCompositingQuality
GdipDeleteGraphics
GdipCreateFromHDC
GdipCloneBrush
GdipCreateStringFormat
GdipDeleteStringFormat
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipLoadImageFromStream
GdipLoadImageFromStreamICM
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageSelectActiveFrame
GdipGetImageWidth
GdipGetImageHeight
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount

imagehlp

CheckSumMappedFile

comctl32

_TrackMouseEvent
ord17

imm32

ImmReleaseContext
ImmSetCompositionFontW
ImmSetCompositionWindow
ImmGetContext

gdi32

SetBkColor
SetBkMode
StretchBlt
SetStretchBltMode
SetTextColor
CreateDIBSection
LineTo
TextOutW
ExtTextOutW
GdiFlush
GetTextExtentPoint32W
GetClipBox
GetCharABCWidthsW
CreateSolidBrush
CreateRectRgnIndirect
CreatePenIndirect
CombineRgn
ExtSelectClipRgn
CreateRoundRectRgn
SelectClipRgn
GetObjectW
GetTextMetricsW
SelectObject
SaveDC
RestoreDC
Rectangle
GetStockObject
CreatePatternBrush
PtInRegion
CreateRectRgn
GetObjectA
GetDeviceCaps
DeleteObject
DeleteDC
CreatePen
CreateFontIndirectW
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
SetWindowOrgEx
RoundRect
MoveToEx

oleaut32

VariantClear
VariantInit
SysFreeString
SysAllocString

Exports

Exports

??0CActiveXUI@DuiLib@@QAE@ABV01@@Z
??0CActiveXUI@DuiLib@@QAE@XZ
??0CButtonUI@DuiLib@@QAE@ABV01@@Z
??0CButtonUI@DuiLib@@QAE@XZ
??0CCheckBoxUI@DuiLib@@QAE@ABV01@@Z
??0CCheckBoxUI@DuiLib@@QAE@XZ
??0CChildLayoutUI@DuiLib@@QAE@ABV01@@Z
??0CChildLayoutUI@DuiLib@@QAE@XZ
??0CComboUI@DuiLib@@QAE@ABV01@@Z
??0CComboUI@DuiLib@@QAE@XZ
??0CContainerUI@DuiLib@@QAE@ABV01@@Z
??0CContainerUI@DuiLib@@QAE@XZ
??0CControlUI@DuiLib@@QAE@ABV01@@Z
??0CControlUI@DuiLib@@QAE@XZ
??0CDateTimeUI@DuiLib@@QAE@ABV01@@Z
??0CDateTimeUI@DuiLib@@QAE@XZ
??0CDelegateBase@DuiLib@@QAE@ABV01@@Z
??0CDelegateBase@DuiLib@@QAE@PAX0@Z
??0CDialogBuilder@DuiLib@@QAE@XZ
??0CDuiPoint@DuiLib@@QAE@ABUtagPOINT@@@Z
??0CDuiPoint@DuiLib@@QAE@J@Z
??0CDuiPoint@DuiLib@@QAE@JJ@Z
??0CDuiPoint@DuiLib@@QAE@PB_W@Z
??0CDuiPoint@DuiLib@@QAE@XZ
??0CDuiPtrArray@DuiLib@@QAE@ABV01@@Z
??0CDuiPtrArray@DuiLib@@QAE@H@Z
??0CDuiRect@DuiLib@@QAE@ABUtagRECT@@@Z
??0CDuiRect@DuiLib@@QAE@JJJJ@Z
??0CDuiRect@DuiLib@@QAE@PB_W@Z
??0CDuiRect@DuiLib@@QAE@XZ
??0CDuiSize@DuiLib@@QAE@ABUtagSIZE@@@Z
??0CDuiSize@DuiLib@@QAE@JJ@Z
??0CDuiSize@DuiLib@@QAE@PB_W@Z
??0CDuiSize@DuiLib@@QAE@UtagRECT@@@Z
??0CDuiSize@DuiLib@@QAE@XZ
??0CDuiString@DuiLib@@QAE@ABV01@@Z
??0CDuiString@DuiLib@@QAE@PB_WH@Z
??0CDuiString@DuiLib@@QAE@XZ
??0CDuiString@DuiLib@@QAE@_W@Z
??0CDuiStringPtrMap@DuiLib@@QAE@H@Z
??0CDuiValArray@DuiLib@@QAE@HH@Z
??0CEditUI@DuiLib@@QAE@ABV01@@Z
??0CEditUI@DuiLib@@QAE@XZ
??0CEventSource@DuiLib@@QAE@ABV01@@Z
??0CEventSource@DuiLib@@QAE@XZ
??0CGifAnimUI@DuiLib@@QAE@ABV01@@Z
??0CGifAnimUI@DuiLib@@QAE@XZ
??0CHorizontalLayoutUI@DuiLib@@QAE@ABV01@@Z
??0CHorizontalLayoutUI@DuiLib@@QAE@XZ
??0CHyperLinkUI@DuiLib@@QAE@ABV01@@Z
??0CHyperLinkUI@DuiLib@@QAE@XZ
??0CLabelUI@DuiLib@@QAE@ABV01@@Z
??0CLabelUI@DuiLib@@QAE@XZ
??0CListContainerElementUI@DuiLib@@QAE@ABV01@@Z
??0CListContainerElementUI@DuiLib@@QAE@XZ
??0CListElementUI@DuiLib@@QAE@ABV01@@Z
??0CListElementUI@DuiLib@@QAE@XZ
??0CListHBoxElementUI@DuiLib@@QAE@ABV01@@Z
??0CListHBoxElementUI@DuiLib@@QAE@XZ
??0CListHeaderItemUI@DuiLib@@QAE@ABV01@@Z
??0CListHeaderItemUI@DuiLib@@QAE@XZ
??0CListHeaderUI@DuiLib@@QAE@ABV01@@Z
??0CListHeaderUI@DuiLib@@QAE@XZ
??0CListLabelElementUI@DuiLib@@QAE@ABV01@@Z
??0CListLabelElementUI@DuiLib@@QAE@XZ
??0CListTextElementUI@DuiLib@@QAE@ABV01@@Z
??0CListTextElementUI@DuiLib@@QAE@XZ
??0CListUI@DuiLib@@QAE@ABV01@@Z
??0CListUI@DuiLib@@QAE@XZ
??0CMarkup@DuiLib@@QAE@PB_W@Z
??0CMarkupNode@DuiLib@@AAE@PAVCMarkup@1@H@Z
??0CMarkupNode@DuiLib@@AAE@XZ
??0CNotifyPump@DuiLib@@QAE@ABV01@@Z
??0CNotifyPump@DuiLib@@QAE@XZ
??0COptionUI@DuiLib@@QAE@ABV01@@Z
??0COptionUI@DuiLib@@QAE@XZ
??0CPaintManagerUI@DuiLib@@QAE@ABV01@@Z
??0CPaintManagerUI@DuiLib@@QAE@XZ
??0CProgressUI@DuiLib@@QAE@ABV01@@Z
??0CProgressUI@DuiLib@@QAE@XZ
??0CRichEditUI@DuiLib@@QAE@ABV01@@Z
??0CRichEditUI@DuiLib@@QAE@XZ
??0CScrollBarUI@DuiLib@@QAE@ABV01@@Z
??0CScrollBarUI@DuiLib@@QAE@XZ
??0CSliderUI@DuiLib@@QAE@ABV01@@Z
??0CSliderUI@DuiLib@@QAE@XZ
??0CTabLayoutUI@DuiLib@@QAE@ABV01@@Z
??0CTabLayoutUI@DuiLib@@QAE@XZ
??0CTextUI@DuiLib@@QAE@ABV01@@Z
??0CTextUI@DuiLib@@QAE@XZ
??0CTileLayoutUI@DuiLib@@QAE@ABV01@@Z
??0CTileLayoutUI@DuiLib@@QAE@XZ
??0CTreeNodeUI@DuiLib@@QAE@ABV01@@Z
??0CTreeNodeUI@DuiLib@@QAE@PAV01@@Z
??0CTreeViewUI@DuiLib@@QAE@ABV01@@Z
??0CTreeViewUI@DuiLib@@QAE@XZ
??0CVerticalLayoutUI@DuiLib@@QAE@ABV01@@Z
??0CVerticalLayoutUI@DuiLib@@QAE@XZ
??0CWaitCursor@DuiLib@@QAE@XZ
??0CWebBrowserUI@DuiLib@@QAE@ABV01@@Z
??0CWebBrowserUI@DuiLib@@QAE@XZ
??0CWindowWnd@DuiLib@@QAE@ABV01@@Z
??0CWindowWnd@DuiLib@@QAE@XZ
??0CWndShadow@@QAE@ABV0@@Z
??0CWndShadow@@QAE@XZ
??0IMessageFilterUI@DuiLib@@QAE@ABV01@@Z
??0IMessageFilterUI@DuiLib@@QAE@XZ
??0INotifyUI@DuiLib@@QAE@ABV01@@Z
??0INotifyUI@DuiLib@@QAE@XZ
??0ITranslateAccelerator@DuiLib@@QAE@ABV01@@Z
??0ITranslateAccelerator@DuiLib@@QAE@XZ
??0STRINGorID@DuiLib@@QAE@I@Z
??0STRINGorID@DuiLib@@QAE@PB_W@Z
??0WindowImplBase@DuiLib@@QAE@ABV01@@Z
??0WindowImplBase@DuiLib@@QAE@XZ
??0tagTDrawInfo@DuiLib@@QAE@ABU01@@Z
??0tagTDrawInfo@DuiLib@@QAE@PB_W@Z
??0tagTDrawInfo@DuiLib@@QAE@XZ
??0tagTFontInfo@DuiLib@@QAE@ABU01@@Z
??0tagTFontInfo@DuiLib@@QAE@XZ
??0tagTImageInfo@DuiLib@@QAE@ABU01@@Z
??0tagTImageInfo@DuiLib@@QAE@XZ
??0tagTResInfo@DuiLib@@QAE@ABU01@@Z
??0tagTResInfo@DuiLib@@QAE@XZ
??1CActiveXUI@DuiLib@@UAE@XZ
??1CButtonUI@DuiLib@@UAE@XZ
??1CCheckBoxUI@DuiLib@@UAE@XZ
??1CChildLayoutUI@DuiLib@@UAE@XZ
??1CComboUI@DuiLib@@UAE@XZ
??1CContainerUI@DuiLib@@UAE@XZ
??1CControlUI@DuiLib@@MAE@XZ
??1CDateTimeUI@DuiLib@@UAE@XZ
??1CDelegateBase@DuiLib@@UAE@XZ
??1CDialogBuilder@DuiLib@@QAE@XZ
??1CDuiPtrArray@DuiLib@@QAE@XZ
??1CDuiString@DuiLib@@QAE@XZ
??1CDuiStringPtrMap@DuiLib@@QAE@XZ
??1CDuiValArray@DuiLib@@QAE@XZ
??1CEditUI@DuiLib@@UAE@XZ
??1CEventSource@DuiLib@@QAE@XZ
??1CGifAnimUI@DuiLib@@UAE@XZ
??1CHorizontalLayoutUI@DuiLib@@UAE@XZ
??1CHyperLinkUI@DuiLib@@UAE@XZ
??1CLabelUI@DuiLib@@UAE@XZ
??1CListContainerElementUI@DuiLib@@UAE@XZ
??1CListElementUI@DuiLib@@UAE@XZ
??1CListHBoxElementUI@DuiLib@@UAE@XZ
??1CListHeaderItemUI@DuiLib@@UAE@XZ
??1CListHeaderUI@DuiLib@@UAE@XZ
??1CListLabelElementUI@DuiLib@@UAE@XZ
??1CListTextElementUI@DuiLib@@UAE@XZ
??1CListUI@DuiLib@@UAE@XZ
??1CMarkup@DuiLib@@QAE@XZ
??1CNotifyPump@DuiLib@@QAE@XZ
??1COptionUI@DuiLib@@UAE@XZ
??1CPaintManagerUI@DuiLib@@QAE@XZ
??1CProgressUI@DuiLib@@UAE@XZ
??1CRenderClip@DuiLib@@QAE@XZ
??1CRichEditUI@DuiLib@@UAE@XZ
??1CScrollBarUI@DuiLib@@UAE@XZ
??1CSliderUI@DuiLib@@UAE@XZ
??1CTabLayoutUI@DuiLib@@UAE@XZ
??1CTextUI@DuiLib@@UAE@XZ
??1CTileLayoutUI@DuiLib@@UAE@XZ
??1CTreeNodeUI@DuiLib@@UAE@XZ
??1CTreeViewUI@DuiLib@@UAE@XZ
??1CVerticalLayoutUI@DuiLib@@UAE@XZ
??1CWaitCursor@DuiLib@@QAE@XZ
??1CWebBrowserUI@DuiLib@@UAE@XZ
??1CWndShadow@@UAE@XZ
??1WindowImplBase@DuiLib@@UAE@XZ
??1tagTDrawInfo@DuiLib@@QAE@XZ
??1tagTFontInfo@DuiLib@@QAE@XZ
??1tagTImageInfo@DuiLib@@QAE@XZ
??1tagTResInfo@DuiLib@@QAE@XZ
??4CActiveXUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CButtonUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CCheckBoxUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CChildLayoutUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CComboUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CContainerUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CControlUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CDateTimeUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CDelegateBase@DuiLib@@QAEAAV01@ABV01@@Z
??4CDialogBuilder@DuiLib@@QAEAAV01@ABV01@@Z
??4CDuiPoint@DuiLib@@QAEAAV01@ABV01@@Z
??4CDuiPtrArray@DuiLib@@QAEAAV01@ABV01@@Z
??4CDuiRect@DuiLib@@QAEAAV01@ABV01@@Z
??4CDuiSize@DuiLib@@QAEAAV01@ABV01@@Z
??4CDuiString@DuiLib@@QAEABV01@ABV01@@Z
??4CDuiString@DuiLib@@QAEABV01@PBD@Z
??4CDuiString@DuiLib@@QAEABV01@PB_W@Z
??4CDuiString@DuiLib@@QAEABV01@_W@Z
??4CDuiStringPtrMap@DuiLib@@QAEAAV01@ABV01@@Z
??4CDuiValArray@DuiLib@@QAEAAV01@ABV01@@Z
??4CEditUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CEventSource@DuiLib@@QAEAAV01@ABV01@@Z
??4CGifAnimUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CHorizontalLayoutUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CHyperLinkUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CLabelUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CListContainerElementUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CListElementUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CListHBoxElementUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CListHeaderItemUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CListHeaderUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CListLabelElementUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CListTextElementUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CListUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CMarkup@DuiLib@@QAEAAV01@ABV01@@Z
??4CMarkupNode@DuiLib@@QAEAAV01@ABV01@@Z
??4CNotifyPump@DuiLib@@QAEAAV01@ABV01@@Z
??4COptionUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CPaintManagerUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CProgressUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CRenderClip@DuiLib@@QAEAAV01@ABV01@@Z
??4CRenderEngine@DuiLib@@QAEAAV01@ABV01@@Z
??4CRichEditUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CScrollBarUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CSliderUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CTabLayoutUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CTextUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CTileLayoutUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CTreeNodeUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CTreeViewUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CVerticalLayoutUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CWaitCursor@DuiLib@@QAEAAV01@ABV01@@Z
??4CWebBrowserUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CWindowWnd@DuiLib@@QAEAAV01@ABV01@@Z
??4CWndShadow@@QAEAAV0@ABV0@@Z
??4IMessageFilterUI@DuiLib@@QAEAAV01@ABV01@@Z
??4INotifyUI@DuiLib@@QAEAAV01@ABV01@@Z
??4ITranslateAccelerator@DuiLib@@QAEAAV01@ABV01@@Z
??4STRINGorID@DuiLib@@QAEAAV01@ABV01@@Z
??4WindowImplBase@DuiLib@@QAEAAV01@ABV01@@Z
??4tagTDrawInfo@DuiLib@@QAEAAU01@ABU01@@Z
??4tagTEventUI@DuiLib@@QAEAAU01@ABU01@@Z
??4tagTFontInfo@DuiLib@@QAEAAU01@ABU01@@Z
??4tagTImageInfo@DuiLib@@QAEAAU01@ABU01@@Z
??4tagTPercentInfo@DuiLib@@QAEAAU01@ABU01@@Z
??4tagTResInfo@DuiLib@@QAEAAU01@ABU01@@Z
??8CDuiString@DuiLib@@QBE_NPB_W@Z
??9CDuiString@DuiLib@@QBE_NPB_W@Z
??ACDuiPtrArray@DuiLib@@QBEPAXH@Z
??ACDuiString@DuiLib@@QBE_WH@Z
??ACDuiStringPtrMap@DuiLib@@QBEPB_WH@Z
??ACDuiValArray@DuiLib@@QBEPAXH@Z
??BCDuiString@DuiLib@@QBEPB_WXZ
??BCEventSource@DuiLib@@QAE_NXZ
??BCWindowWnd@DuiLib@@QBEPAUHWND__@@XZ
??BCWndShadow@@QBEPAUHWND__@@XZ
??HCDuiString@DuiLib@@QBE?AV01@ABV01@@Z
??HCDuiString@DuiLib@@QBE?AV01@PB_W@Z
??MCDuiString@DuiLib@@QBE_NPB_W@Z
??NCDuiString@DuiLib@@QBE_NPB_W@Z
??OCDuiString@DuiLib@@QBE_NPB_W@Z
??PCDuiString@DuiLib@@QBE_NPB_W@Z
??RCDelegateBase@DuiLib@@QAE_NPAX@Z
??RCEventSource@DuiLib@@QAE_NPAX@Z
??YCDuiString@DuiLib@@QAEABV01@ABV01@@Z
??YCDuiString@DuiLib@@QAEABV01@PBD@Z
??YCDuiString@DuiLib@@QAEABV01@PB_W@Z
??YCDuiString@DuiLib@@QAEABV01@_W@Z
??YCEventSource@DuiLib@@QAEXABVCDelegateBase@1@@Z
??YCEventSource@DuiLib@@QAEXP6A_NPAX@Z@Z
??ZCEventSource@DuiLib@@QAEXABVCDelegateBase@1@@Z
??ZCEventSource@DuiLib@@QAEXP6A_NPAX@Z@Z
??_7CActiveXUI@DuiLib@@6BCControlUI@1@@
??_7CActiveXUI@DuiLib@@6BIMessageFilterUI@1@@
??_7CButtonUI@DuiLib@@6B@
??_7CCheckBoxUI@DuiLib@@6B@
??_7CChildLayoutUI@DuiLib@@6BCControlUI@1@@
??_7CChildLayoutUI@DuiLib@@6BIContainerUI@1@@
??_7CComboUI@DuiLib@@6B@
??_7CComboUI@DuiLib@@6BCControlUI@1@@
??_7CComboUI@DuiLib@@6BIContainerUI@1@@
??_7CContainerUI@DuiLib@@6BCControlUI@1@@
??_7CContainerUI@DuiLib@@6BIContainerUI@1@@
??_7CControlUI@DuiLib@@6B@
??_7CDateTimeUI@DuiLib@@6B@
??_7CDelegateBase@DuiLib@@6B@
??_7CEditUI@DuiLib@@6B@
??_7CGifAnimUI@DuiLib@@6B@
??_7CHorizontalLayoutUI@DuiLib@@6BCControlUI@1@@
??_7CHorizontalLayoutUI@DuiLib@@6BIContainerUI@1@@
??_7CHyperLinkUI@DuiLib@@6B@
??_7CLabelUI@DuiLib@@6B@
??_7CListContainerElementUI@DuiLib@@6B@
??_7CListContainerElementUI@DuiLib@@6BCControlUI@1@@
??_7CListContainerElementUI@DuiLib@@6BIContainerUI@1@@
??_7CListElementUI@DuiLib@@6BCControlUI@1@@
??_7CListElementUI@DuiLib@@6BIListItemUI@1@@
??_7CListHBoxElementUI@DuiLib@@6B@
??_7CListHBoxElementUI@DuiLib@@6BCControlUI@1@@
??_7CListHBoxElementUI@DuiLib@@6BIContainerUI@1@@
??_7CListHeaderItemUI@DuiLib@@6B@
??_7CListHeaderUI@DuiLib@@6BCControlUI@1@@
??_7CListHeaderUI@DuiLib@@6BIContainerUI@1@@
??_7CListLabelElementUI@DuiLib@@6BCControlUI@1@@
??_7CListLabelElementUI@DuiLib@@6BIListItemUI@1@@
??_7CListTextElementUI@DuiLib@@6BCControlUI@1@@
??_7CListTextElementUI@DuiLib@@6BIListItemUI@1@@
??_7CListUI@DuiLib@@6B@
??_7CListUI@DuiLib@@6BCControlUI@1@@
??_7CListUI@DuiLib@@6BIContainerUI@1@@
??_7CNotifyPump@DuiLib@@6B@
??_7COptionUI@DuiLib@@6B@
??_7CProgressUI@DuiLib@@6B@
??_7CRichEditUI@DuiLib@@6B@
??_7CRichEditUI@DuiLib@@6BCControlUI@1@@
??_7CRichEditUI@DuiLib@@6BIContainerUI@1@@
??_7CScrollBarUI@DuiLib@@6B@
??_7CSliderUI@DuiLib@@6B@
??_7CTabLayoutUI@DuiLib@@6BCControlUI@1@@
??_7CTabLayoutUI@DuiLib@@6BIContainerUI@1@@
??_7CTextUI@DuiLib@@6B@
??_7CTileLayoutUI@DuiLib@@6BCControlUI@1@@
??_7CTileLayoutUI@DuiLib@@6BIContainerUI@1@@
??_7CTreeNodeUI@DuiLib@@6B@
??_7CTreeNodeUI@DuiLib@@6BCControlUI@1@@
??_7CTreeNodeUI@DuiLib@@6BIContainerUI@1@@
??_7CTreeViewUI@DuiLib@@6BCControlUI@1@@
??_7CTreeViewUI@DuiLib@@6BCListUI@1@@
??_7CTreeViewUI@DuiLib@@6BIContainerUI@1@@
??_7CTreeViewUI@DuiLib@@6BINotifyUI@1@@
??_7CVerticalLayoutUI@DuiLib@@6BCControlUI@1@@
??_7CVerticalLayoutUI@DuiLib@@6BIContainerUI@1@@
??_7CWebBrowserUI@DuiLib@@6BCControlUI@1@@
??_7CWebBrowserUI@DuiLib@@6BIDispatch@@@
??_7CWebBrowserUI@DuiLib@@6BIDocHostUIHandler@@@
??_7CWebBrowserUI@DuiLib@@6BIMessageFilterUI@1@@
??_7CWebBrowserUI@DuiLib@@6BIOleCommandTarget@@@
??_7CWebBrowserUI@DuiLib@@6BIServiceProvider@@@
??_7CWebBrowserUI@DuiLib@@6BITranslateAccelerator@1@@
??_7CWindowWnd@DuiLib@@6B@
??_7CWndShadow@@6B@
??_7IMessageFilterUI@DuiLib@@6B@
??_7INotifyUI@DuiLib@@6B@
??_7ITranslateAccelerator@DuiLib@@6B@
??_7WindowImplBase@DuiLib@@6BCNotifyPump@1@@
??_7WindowImplBase@DuiLib@@6BCWindowWnd@1@@
??_7WindowImplBase@DuiLib@@6BIDialogBuilderCallback@1@@
??_7WindowImplBase@DuiLib@@6BIMessageFilterUI@1@@
??_7WindowImplBase@DuiLib@@6BINotifyUI@1@@
??_FCDuiPtrArray@DuiLib@@QAEXXZ
??_FCDuiStringPtrMap@DuiLib@@QAEXXZ
??_FCMarkup@DuiLib@@QAEXXZ
??_FCTreeNodeUI@DuiLib@@QAEXXZ
?Activate@CButtonUI@DuiLib@@UAE_NXZ
?Activate@CComboUI@DuiLib@@UAE_NXZ
?Activate@CControlUI@DuiLib@@UAE_NXZ
?Activate@CHyperLinkUI@DuiLib@@UAE_NXZ
?Activate@CListContainerElementUI@DuiLib@@UAE_NXZ
?Activate@CListElementUI@DuiLib@@UAE_NXZ
?Activate@COptionUI@DuiLib@@UAE_NXZ
?Add@CComboUI@DuiLib@@UAE_NPAVCControlUI@2@@Z
?Add@CContainerUI@DuiLib@@UAE_NPAVCControlUI@2@@Z
?Add@CDuiPtrArray@DuiLib@@QAE_NPAX@Z
?Add@CDuiValArray@DuiLib@@QAE_NPBX@Z
?Add@CListUI@DuiLib@@UAE_NPAVCControlUI@2@@Z
?Add@CTabLayoutUI@DuiLib@@UAE_NPAVCControlUI@2@@Z
?Add@CTreeNodeUI@DuiLib@@UAE_NPAVCControlUI@2@@Z
?Add@CTreeViewUI@DuiLib@@UAE_NPAVCControlUI@2@@Z
?AddAt@CComboUI@DuiLib@@UAE_NPAVCControlUI@2@H@Z
?AddAt@CContainerUI@DuiLib@@UAE_NPAVCControlUI@2@H@Z
?AddAt@CListUI@DuiLib@@UAE_NPAVCControlUI@2@H@Z
?AddAt@CTabLayoutUI@DuiLib@@UAE_NPAVCControlUI@2@H@Z
?AddAt@CTreeNodeUI@DuiLib@@UAE_NPAVCControlUI@2@H@Z
?AddAt@CTreeViewUI@DuiLib@@QAEJPAVCTreeNodeUI@2@H@Z
?AddAt@CTreeViewUI@DuiLib@@QAE_NPAVCTreeNodeUI@2@0@Z
?AddAt@CTreeViewUI@DuiLib@@UAE_NPAVCControlUI@2@H@Z
?AddChildNode@CTreeNodeUI@DuiLib@@QAE_NPAV12@@Z
?AddCustomAttribute@CControlUI@DuiLib@@QAEXPB_W0@Z
?AddDefaultAttributeList@CPaintManagerUI@DuiLib@@QAEXPB_W0_N@Z
?AddDelayedCleanup@CPaintManagerUI@DuiLib@@QAEXPAVCControlUI@2@@Z
?AddFont@CPaintManagerUI@DuiLib@@QAEPAUHFONT__@@HPB_WH_N111@Z
?AddImage@CPaintManagerUI@DuiLib@@QAEPBUtagTImageInfo@2@PB_W0K_N1@Z
?AddImage@CPaintManagerUI@DuiLib@@QAEPBUtagTImageInfo@2@PB_WPAUHBITMAP__@@HH_N2@Z
?AddMessageFilter@CPaintManagerUI@DuiLib@@QAE_NPAVIMessageFilterUI@2@@Z
?AddMouseLeaveNeeded@CPaintManagerUI@DuiLib@@QAEXPAVCControlUI@2@@Z
?AddMultiLanguageString@CPaintManagerUI@DuiLib@@SAXHPB_W@Z
?AddNativeWindow@CPaintManagerUI@DuiLib@@QAE_NPAVCControlUI@2@PAUHWND__@@@Z
?AddNotifier@CPaintManagerUI@DuiLib@@QAE_NPAVINotifyUI@2@@Z
?AddOptionGroup@CPaintManagerUI@DuiLib@@QAE_NPB_WPAVCControlUI@2@@Z
?AddPostPaint@CPaintManagerUI@DuiLib@@QAE_NPAVCControlUI@2@@Z
?AddPreMessageFilter@CPaintManagerUI@DuiLib@@QAE_NPAVIMessageFilterUI@2@@Z
?AddRef@CWebBrowserUI@DuiLib@@UAGKXZ
?AddTranslateAccelerator@CPaintManagerUI@DuiLib@@QAE_NPAVITranslateAccelerator@2@@Z
?AddVirtualWnd@CNotifyPump@DuiLib@@QAE_NVCDuiString@2@PAV12@@Z
?AddWindowCustomAttribute@CPaintManagerUI@DuiLib@@QAEXPB_W0@Z
?AdjustColor@CRenderEngine@DuiLib@@SAKKFFF@Z
?AdjustImage@CRenderEngine@DuiLib@@SAX_NPAUtagTImageInfo@2@FFF@Z
?AdjustImagesHSL@CPaintManagerUI@DuiLib@@AAEXXZ
?AdjustSharedImagesHSL@CPaintManagerUI@DuiLib@@CAXXZ
?Append@CDuiString@DuiLib@@QAEXPB_W@Z
?AppendText@CRichEditUI@DuiLib@@QAEHPB_W_N@Z
?Assign@CDuiString@DuiLib@@QAEXPB_WH@Z
?AttachDialog@CPaintManagerUI@DuiLib@@QAE_NPAVCControlUI@2@@Z
?BeforeNavigate2@CWebBrowserUI@DuiLib@@IAEXPAUIDispatch@@AAPAUtagVARIANT@@1111AAPAF@Z
?CalLocation@CTreeNodeUI@DuiLib@@AAEPAV12@PAV12@@Z
?CenterWindow@CWindowWnd@DuiLib@@QAEXXZ
?CharFromPos@CRichEditUI@DuiLib@@QBEHVCDuiPoint@2@@Z
?CheckBoxSelected@CTreeNodeUI@DuiLib@@QAEX_N@Z
?Clear@CRichEditUI@DuiLib@@QAEXXZ
?Clear@tagTDrawInfo@DuiLib@@QAEXXZ
?Close@CWindowWnd@DuiLib@@QAEXI@Z
?CommandStateChange@CWebBrowserUI@DuiLib@@IAEXJF@Z
?Compare@CDuiString@DuiLib@@QBEHPB_W@Z
?CompareNoCase@CDuiString@DuiLib@@QBEHPB_W@Z
?Copy@CRichEditUI@DuiLib@@QAEXXZ
?Create@CDialogBuilder@DuiLib@@QAEPAVCControlUI@2@PAVIDialogBuilderCallback@2@PAVCPaintManagerUI@2@PAV32@@Z
?Create@CDialogBuilder@DuiLib@@QAEPAVCControlUI@2@VSTRINGorID@2@PB_WPAVIDialogBuilderCallback@2@PAVCPaintManagerUI@2@PAV32@@Z
?Create@CWindowWnd@DuiLib@@QAEPAUHWND__@@PAU3@PB_WKKHHHHPAUHMENU__@@@Z
?Create@CWindowWnd@DuiLib@@QAEPAUHWND__@@PAU3@PB_WKKUtagRECT@@PAUHMENU__@@@Z
?Create@CWndShadow@@QAEXPAUHWND__@@@Z
?CreateARGB32Bitmap@CRenderEngine@DuiLib@@SAPAUHBITMAP__@@PAUHDC__@@HHPAPAK@Z
?CreateControl@CActiveXUI@DuiLib@@QAE_NPB_W@Z
?CreateControl@CActiveXUI@DuiLib@@QAE_NU_GUID@@@Z
?CreateControl@WindowImplBase@DuiLib@@UAEPAVCControlUI@2@PB_W@Z
?CreateDuiWindow@CWindowWnd@DuiLib@@QAEPAUHWND__@@PAU3@PB_WKK@Z
?Cut@CRichEditUI@DuiLib@@QAEXXZ
?DUI__Trace@DuiLib@@YAXPB_WZZ
?DUI__TraceMsg@DuiLib@@YAPB_WI@Z
?Deflate@CDuiRect@DuiLib@@QAEXHH@Z
?Delete@CControlUI@DuiLib@@UAEXXZ
?DeleteGif@CGifAnimUI@DuiLib@@AAEXXZ
?DoCreateControl@CActiveXUI@DuiLib@@MAE_NXZ
?DoCreateControl@CWebBrowserUI@DuiLib@@UAE_NXZ
?DoEvent@CButtonUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoEvent@CComboUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoEvent@CContainerUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoEvent@CControlUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoEvent@CDateTimeUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoEvent@CEditUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoEvent@CGifAnimUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoEvent@CHorizontalLayoutUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoEvent@CHyperLinkUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoEvent@CLabelUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoEvent@CListContainerElementUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoEvent@CListElementUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoEvent@CListHeaderItemUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoEvent@CListLabelElementUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoEvent@CListTextElementUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoEvent@CListUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoEvent@CRichEditUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoEvent@CScrollBarUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoEvent@CSliderUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoEvent@CTextUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoEvent@CTreeNodeUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoEvent@CVerticalLayoutUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoInit@CComboUI@DuiLib@@UAEXXZ
?DoInit@CControlUI@DuiLib@@UAEXXZ
?DoInit@CGifAnimUI@DuiLib@@UAEXXZ
?DoInit@CRichEditUI@DuiLib@@UAEXXZ
?DoPaint@CActiveXUI@DuiLib@@UAE_NPAUHDC__@@ABUtagRECT@@PAVCControlUI@2@@Z
?DoPaint@CComboUI@DuiLib@@UAE_NPAUHDC__@@ABUtagRECT@@PAVCControlUI@2@@Z
?DoPaint@CContainerUI@DuiLib@@UAE_NPAUHDC__@@ABUtagRECT@@PAVCControlUI@2@@Z
?DoPaint@CControlUI@DuiLib@@UAE_NPAUHDC__@@ABUtagRECT@@PAV12@@Z
?DoPaint@CGifAnimUI@DuiLib@@UAE_NPAUHDC__@@ABUtagRECT@@PAVCControlUI@2@@Z
?DoPaint@CListContainerElementUI@DuiLib@@UAE_NPAUHDC__@@ABUtagRECT@@PAVCControlUI@2@@Z
?DoPaint@CListHBoxElementUI@DuiLib@@UAE_NPAUHDC__@@ABUtagRECT@@PAVCControlUI@2@@Z
?DoPaint@CListLabelElementUI@DuiLib@@UAE_NPAUHDC__@@ABUtagRECT@@PAVCControlUI@2@@Z
?DoPaint@CRichEditUI@DuiLib@@UAE_NPAUHDC__@@ABUtagRECT@@PAVCControlUI@2@@Z
?DoPaint@CScrollBarUI@DuiLib@@UAE_NPAUHDC__@@ABUtagRECT@@PAVCControlUI@2@@Z
?DoPostPaint@CControlUI@DuiLib@@UAEXPAUHDC__@@ABUtagRECT@@@Z
?DoPostPaint@CHorizontalLayoutUI@DuiLib@@UAEXPAUHDC__@@ABUtagRECT@@@Z
?DoPostPaint@CVerticalLayoutUI@DuiLib@@UAEXPAUHDC__@@ABUtagRECT@@@Z
?DocumentComplete@CWebBrowserUI@DuiLib@@IAEXPAUIDispatch@@AAPAUtagVARIANT@@@Z
?Download@CWebBrowserUI@DuiLib@@UAGJPAUIMoniker@@PAUIBindCtx@@KJPAU_tagBINDINFO@@PB_W3I@Z
?DrawColor@CRenderEngine@DuiLib@@SAXPAUHDC__@@ABUtagRECT@@K@Z
?DrawFrame@CGifAnimUI@DuiLib@@AAEXPAUHDC__@@@Z
?DrawGradient@CRenderEngine@DuiLib@@SAXPAUHDC__@@ABUtagRECT@@KK_NH@Z
?DrawHtmlText@CRenderEngine@DuiLib@@SAXPAUHDC__@@PAVCPaintManagerUI@2@AAUtagRECT@@PB_WKPAU5@PAVCDuiString@2@AAHHI@Z
?DrawImage@CControlUI@DuiLib@@QAE_NPAUHDC__@@AAUtagTDrawInfo@2@@Z
?DrawImage@CRenderEngine@DuiLib@@SAXPAUHDC__@@PAUHBITMAP__@@ABUtagRECT@@222_NE333@Z
?DrawImage@CRenderEngine@DuiLib@@SA_NPAUHDC__@@PAVCPaintManagerUI@2@ABUtagRECT@@2AAUtagTDrawInfo@2@@Z
?DrawItemBk@CListContainerElementUI@DuiLib@@QAEXPAUHDC__@@ABUtagRECT@@@Z
?DrawItemBk@CListElementUI@DuiLib@@QAEXPAUHDC__@@ABUtagRECT@@@Z
?DrawItemText@CListContainerElementUI@DuiLib@@UAEXPAUHDC__@@ABUtagRECT@@@Z
?DrawItemText@CListLabelElementUI@DuiLib@@UAEXPAUHDC__@@ABUtagRECT@@@Z
?DrawItemText@CListTextElementUI@DuiLib@@UAEXPAUHDC__@@ABUtagRECT@@@Z
?DrawLine@CRenderEngine@DuiLib@@SAXPAUHDC__@@ABUtagRECT@@HKH@Z
?DrawRect@CRenderEngine@DuiLib@@SAXPAUHDC__@@ABUtagRECT@@HKH@Z
?DrawRoundRect@CRenderEngine@DuiLib@@SAXPAUHDC__@@ABUtagRECT@@HHHKH@Z
?DrawTextW@CRenderEngine@DuiLib@@SAXPAUHDC__@@PAVCPaintManagerUI@2@AAUtagRECT@@PB_WKHI@Z
?Empty@CDuiPtrArray@DuiLib@@QAEXXZ
?Empty@CDuiRect@DuiLib@@QAEXXZ
?Empty@CDuiString@DuiLib@@QAEXXZ
?Empty@CDuiValArray@DuiLib@@QAEXXZ
?EmptyUndoBuffer@CRichEditUI@DuiLib@@QAEXXZ
?EnableModeless@CWebBrowserUI@DuiLib@@UAGJH@Z
?EnableScrollBar@CContainerUI@DuiLib@@UAEX_N0@Z
?EnableScrollBar@CListUI@DuiLib@@UAEX_N0@Z
?EndDown@CContainerUI@DuiLib@@UAEXXZ
?EndDown@CListUI@DuiLib@@UAEXXZ
?EndDown@CRichEditUI@DuiLib@@UAEXXZ
?EndRight@CContainerUI@DuiLib@@UAEXXZ
?EndRight@CListUI@DuiLib@@UAEXXZ
?EndRight@CRichEditUI@DuiLib@@UAEXXZ
?EnsureVisible@CListUI@DuiLib@@QAEXH@Z

Sections

.text
Size: 413KB - Virtual size: 413KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 224KB - Virtual size: 223KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2.3MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 596KB - Virtual size: 595KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Remouse.Micro.Micro.v3.5.3.serial.maker.by.aaocg.bin
.exe windows:5 windows x86 arch:x86

fcf1390e9ce472c7270447fc5c61a0c1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Projects\WinRAR\sfx\build\sfxrar32\Release\sfxrar.pdb

Imports

kernel32

GetLastError
SetLastError
FormatMessageW
GetCurrentProcess
DeviceIoControl
SetFileTime
CloseHandle
CreateDirectoryW
RemoveDirectoryW
CreateFileW
DeleteFileW
CreateHardLinkW
GetShortPathNameW
GetLongPathNameW
MoveFileW
GetFileType
GetStdHandle
WriteFile
ReadFile
FlushFileBuffers
SetEndOfFile
SetFilePointer
SetFileAttributesW
GetFileAttributesW
FindClose
FindFirstFileW
FindNextFileW
GetVersionExW
GetCurrentDirectoryW
GetFullPathNameW
FoldStringW
GetModuleFileNameW
GetModuleHandleW
FindResourceW
FreeLibrary
GetProcAddress
GetCurrentProcessId
ExitProcess
SetThreadExecutionState
Sleep
LoadLibraryW
GetSystemDirectoryW
CompareStringW
AllocConsole
FreeConsole
AttachConsole
WriteConsoleW
GetProcessAffinityMask
CreateThread
SetThreadPriority
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SetEvent
ResetEvent
ReleaseSemaphore
WaitForSingleObject
CreateEventW
CreateSemaphoreW
GetSystemTime
SystemTimeToTzSpecificLocalTime
TzSpecificLocalTimeToSystemTime
SystemTimeToFileTime
FileTimeToLocalFileTime
LocalFileTimeToFileTime
FileTimeToSystemTime
GetCPInfo
IsDBCSLeadByte
MultiByteToWideChar
WideCharToMultiByte
GlobalAlloc
LockResource
GlobalLock
GlobalUnlock
GlobalFree
LoadResource
SizeofResource
SetCurrentDirectoryW
GetExitCodeProcess
GetLocalTime
GetTickCount
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
OpenFileMappingW
GetCommandLineW
SetEnvironmentVariableW
ExpandEnvironmentStringsW
GetTempPathW
MoveFileExW
GetLocaleInfoW
GetTimeFormatW
GetDateFormatW
GetNumberFormatW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
HeapSize
SetStdHandle
GetProcessHeap
RaiseException
GetSystemInfo
VirtualProtect
VirtualQuery
LoadLibraryExA
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
TerminateProcess
RtlUnwind
EncodePointer
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
QueryPerformanceFrequency
GetModuleHandleExW
GetModuleFileNameA
GetACP
HeapFree
HeapAlloc
HeapReAlloc
GetStringTypeW
LCMapStringW
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
DecodePointer

gdiplus

GdiplusShutdown
GdiplusStartup
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipDisposeImage
GdipCloneImage
GdipFree
GdipAlloc

Sections

.text
Size: 193KB - Virtual size: 193KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 232B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Treasure.Vault.3D.Screensaver.keygen.by.Paradox.bin
.exe windows:5 windows x86 arch:x86

fcf1390e9ce472c7270447fc5c61a0c1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Projects\WinRAR\sfx\build\sfxrar32\Release\sfxrar.pdb

Imports

kernel32

GetLastError
SetLastError
FormatMessageW
GetCurrentProcess
DeviceIoControl
SetFileTime
CloseHandle
CreateDirectoryW
RemoveDirectoryW
CreateFileW
DeleteFileW
CreateHardLinkW
GetShortPathNameW
GetLongPathNameW
MoveFileW
GetFileType
GetStdHandle
WriteFile
ReadFile
FlushFileBuffers
SetEndOfFile
SetFilePointer
SetFileAttributesW
GetFileAttributesW
FindClose
FindFirstFileW
FindNextFileW
GetVersionExW
GetCurrentDirectoryW
GetFullPathNameW
FoldStringW
GetModuleFileNameW
GetModuleHandleW
FindResourceW
FreeLibrary
GetProcAddress
GetCurrentProcessId
ExitProcess
SetThreadExecutionState
Sleep
LoadLibraryW
GetSystemDirectoryW
CompareStringW
AllocConsole
FreeConsole
AttachConsole
WriteConsoleW
GetProcessAffinityMask
CreateThread
SetThreadPriority
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SetEvent
ResetEvent
ReleaseSemaphore
WaitForSingleObject
CreateEventW
CreateSemaphoreW
GetSystemTime
SystemTimeToTzSpecificLocalTime
TzSpecificLocalTimeToSystemTime
SystemTimeToFileTime
FileTimeToLocalFileTime
LocalFileTimeToFileTime
FileTimeToSystemTime
GetCPInfo
IsDBCSLeadByte
MultiByteToWideChar
WideCharToMultiByte
GlobalAlloc
LockResource
GlobalLock
GlobalUnlock
GlobalFree
LoadResource
SizeofResource
SetCurrentDirectoryW
GetExitCodeProcess
GetLocalTime
GetTickCount
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
OpenFileMappingW
GetCommandLineW
SetEnvironmentVariableW
ExpandEnvironmentStringsW
GetTempPathW
MoveFileExW
GetLocaleInfoW
GetTimeFormatW
GetDateFormatW
GetNumberFormatW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
HeapSize
SetStdHandle
GetProcessHeap
RaiseException
GetSystemInfo
VirtualProtect
VirtualQuery
LoadLibraryExA
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
TerminateProcess
RtlUnwind
EncodePointer
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
QueryPerformanceFrequency
GetModuleHandleExW
GetModuleFileNameA
GetACP
HeapFree
HeapAlloc
HeapReAlloc
GetStringTypeW
LCMapStringW
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
DecodePointer

gdiplus

GdiplusShutdown
GdiplusStartup
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipDisposeImage
GdipCloneImage
GdipFree
GdipAlloc

Sections

.text
Size: 193KB - Virtual size: 193KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 232B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
VyprVPN.exe
.exe windows:4 windows x86 arch:x86

4f67aeda01a0484282e8c59006b0b352

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CopyFileA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
ReadFile
GetFileAttributesA
SetFileAttributesA
ExitProcess
SetEnvironmentVariableA
GetWindowsDirectoryA
GetTempPathA
GetCommandLineA
lstrlenA
GetVersion
GetCurrentProcess
GetFullPathNameA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
GetLastError
CreateDirectoryA
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
WriteFile
lstrcpyA
MoveFileExA
lstrcatA
GetSystemDirectoryA
GetProcAddress
CloseHandle
SetCurrentDirectoryA
MoveFileA
CompareFileTime
GetShortPathNameA
SearchPathA
lstrcmpiA
SetFileTime
lstrcmpA
ExpandEnvironmentStringsA
lstrcpynA
SetErrorMode
GlobalFree
FindFirstFileA
FindNextFileA
DeleteFileA
SetFilePointer
GetPrivateProfileStringA
FindClose
MultiByteToWideChar
FreeLibrary
MulDiv
WritePrivateProfileStringA
LoadLibraryExA
GetModuleHandleA
GetExitCodeProcess
WaitForSingleObject
GlobalAlloc

user32

ScreenToClient
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
PostQuitMessage
GetWindowRect
EnableMenuItem
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
ReleaseDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndDialog
RegisterClassA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
ExitWindowsEx
GetDC
CreateDialogParamA
SetTimer
GetDlgItem
SetWindowLongA
SetForegroundWindow
LoadImageA
IsWindow
SendMessageTimeoutA
FindWindowExA
OpenClipboard
TrackPopupMenu
AppendMenuA
EndPaint
DestroyWindow
wsprintfA
ShowWindow
SetWindowTextA

gdi32

SelectObject
SetBkMode
CreateFontIndirectA
SetTextColor
DeleteObject
GetDeviceCaps
CreateBrushIndirect
SetBkColor

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA

advapi32

RegDeleteKeyA
SetFileSecurityA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyExA
RegEnumValueA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegEnumKeyA

comctl32

ImageList_Create
ImageList_AddMasked
ImageList_Destroy
ord17

ole32

OleUninitialize
OleInitialize
CoTaskMemFree
CoCreateInstance

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$1/1337/VyprVPN.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\root\source\repos\Project\Project\obj\Release\VyprVPN.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$1/1337/joinResult.exe
.exe windows:4 windows x86 arch:x86

4f67aeda01a0484282e8c59006b0b352

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CopyFileA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
ReadFile
GetFileAttributesA
SetFileAttributesA
ExitProcess
SetEnvironmentVariableA
GetWindowsDirectoryA
GetTempPathA
GetCommandLineA
lstrlenA
GetVersion
GetCurrentProcess
GetFullPathNameA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
GetLastError
CreateDirectoryA
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
WriteFile
lstrcpyA
MoveFileExA
lstrcatA
GetSystemDirectoryA
GetProcAddress
CloseHandle
SetCurrentDirectoryA
MoveFileA
CompareFileTime
GetShortPathNameA
SearchPathA
lstrcmpiA
SetFileTime
lstrcmpA
ExpandEnvironmentStringsA
lstrcpynA
SetErrorMode
GlobalFree
FindFirstFileA
FindNextFileA
DeleteFileA
SetFilePointer
GetPrivateProfileStringA
FindClose
MultiByteToWideChar
FreeLibrary
MulDiv
WritePrivateProfileStringA
LoadLibraryExA
GetModuleHandleA
GetExitCodeProcess
WaitForSingleObject
GlobalAlloc

user32

ScreenToClient
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
PostQuitMessage
GetWindowRect
EnableMenuItem
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
ReleaseDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndDialog
RegisterClassA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
ExitWindowsEx
GetDC
CreateDialogParamA
SetTimer
GetDlgItem
SetWindowLongA
SetForegroundWindow
LoadImageA
IsWindow
SendMessageTimeoutA
FindWindowExA
OpenClipboard
TrackPopupMenu
AppendMenuA
EndPaint
DestroyWindow
wsprintfA
ShowWindow
SetWindowTextA

gdi32

SelectObject
SetBkMode
CreateFontIndirectA
SetTextColor
DeleteObject
GetDeviceCaps
CreateBrushIndirect
SetBkColor

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA

advapi32

RegDeleteKeyA
SetFileSecurityA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyExA
RegEnumValueA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegEnumKeyA

comctl32

ImageList_Create
ImageList_AddMasked
ImageList_Destroy
ord17

ole32

OleUninitialize
OleInitialize
CoTaskMemFree
CoCreateInstance

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 364KB - Virtual size: 363KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

8c8a576201f68de1a3f26fc723b9f30f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

MultiByteToWideChar
GlobalFree
GlobalSize
lstrcpynA
lstrcpyA
GetProcAddress
VirtualFree
FreeLibrary
lstrlenA
LoadLibraryA
GetModuleHandleA
GlobalAlloc
WideCharToMultiByte
VirtualAlloc
VirtualProtect
GetLastError

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 851B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 608B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
WSHSetup[1].bin
.exe windows:5 windows x86 arch:x86

3c977911c8eee24abac5edc906e5e72c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeEnvironmentStringsW
LoadLibraryW
GetStringTypeW
HeapCreate
HeapSize
SetHandleCount
FlushFileBuffers
GetConsoleCP
LCMapStringW
IsValidCodePage
GetOEMCP
GetCPInfo
IsProcessorFeaturePresent
TerminateProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetEnvironmentStringsW
TlsFree
GetCurrentProcessId
TlsGetValue
TlsAlloc
GetStartupInfoW
HeapSetInformation
GetCommandLineA
VirtualQuery
GetSystemInfo
GetModuleHandleW
VirtualAlloc
VirtualProtect
GetModuleFileNameW
GetStdHandle
WriteConsoleW
HeapReAlloc
HeapFree
HeapAlloc
EncodePointer
DecodePointer
RtlUnwind
SetStdHandle
LocalFree
SetLastError
QueryPerformanceCounter
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetSystemTimeAsFileTime
TlsSetValue
CreateFileW
GetCommState
SetErrorMode
GetLogicalDrives
GetVolumePathNameW
GetVolumeNameForVolumeMountPointW
GetComputerNameExW
GetConsoleMode
CreateEventA
WaitForSingleObject
IsDBCSLeadByte
lstrcmpiA
LoadLibraryExA
lstrlenA
lstrlenW
InitializeCriticalSectionAndSpinCount
RaiseException
FreeLibrary
WriteFile
SetFileTime
CreateDirectoryA
DosDateTimeToFileTime
SystemTimeToFileTime
GetCurrentProcess
DuplicateHandle
GetFileType
SetFilePointer
ExitProcess
GetCurrentDirectoryA
GetModuleFileNameA
FindResourceA
LoadResource
FreeResource
SizeofResource
LockResource
GetLastError
GetModuleHandleA
WideCharToMultiByte
GlobalAlloc
GlobalLock
GlobalUnlock
CreateFileA
GetFileSize
CloseHandle
ReadFile
InterlockedIncrement
InterlockedDecrement
LoadLibraryA
GetProcAddress
GetACP
MultiByteToWideChar
MulDiv
GetTickCount
GetLocalTime
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetVersionExA
InitializeCriticalSection
Sleep
GetCurrentThreadId

user32

MessageBoxA
SetWindowRgn
wvsprintfA
OffsetRect
SystemParametersInfoA
CharPrevA
DrawTextA
UnionRect
GetActiveWindow
GetUpdateRect
IsWindowVisible
SetRect
MessageBoxW
GetDlgItem
CheckMenuRadioItem
GetDCEx
IsZoomed
GetWindowRect
UpdateWindow
MoveWindow
DestroyWindow
ReleaseDC
GetDC
ReleaseCapture
SetCapture
FillRect
LockWindowUpdate
SetClassLongA
GetClassLongA
AttachThreadInput
CopyImage
SetScrollPos
AppendMenuW
TrackPopupMenu
InvalidateRect
InvalidateRgn
DefWindowProcA
GetMenuCheckMarkDimensions
GetClientRect
SetTimer
EndPaint
BeginPaint
PtInRect
ScreenToClient
ClientToScreen
GetGUIThreadInfo
ShowWindow
SetFocus
SetCursor
LoadCursorA
CharNextA
IntersectRect
GetParent
GetMonitorInfoA
MonitorFromWindow
MapWindowPoints
GetFocus
GetCursorPos
SendMessageA
SetWindowPos
IsRectEmpty
GetWindowTextLengthA
EnableWindow
SetWindowTextA
GetCaretPos
GetCaretBlinkTime
GetWindowTextA
CreateCaret
HideCaret
ShowCaret
SetCaretPos
GetSysColor
GetKeyState
GetWindowLongA
KillTimer
PostMessageA
SetPropA
GetPropA
CallWindowProcA
GetClassInfoExA
CreateWindowExA
SetWindowLongA
IsWindow
DispatchMessageA
TranslateMessage
GetMessageA
DialogBoxIndirectParamA
EnableMenuItem
GetSystemMenu
CreateAcceleratorTableA
RegisterClassExA
RegisterClassA
GetWindow
IsIconic

gdi32

GetStockObject
CreateFontIndirectA
GetObjectA
SetBkMode
SetTextColor
CreatePatternBrush
CreateSolidBrush
DeleteObject
GetDeviceCaps
RoundRect
TextOutA
CreatePen
GetCharABCWidthsA
ExtSelectClipRgn
GdiFlush
CreateFontA
Escape
ExtEscape
EnumObjects
CreateDCA
SetDCPenColor
DeleteDC
SetWindowOrgEx
Rectangle
RestoreDC
BitBlt
SaveDC
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
GetTextMetricsA
SelectClipRgn
CombineRgn
CreateRectRgnIndirect
GetClipBox
CreateRoundRectRgn
StretchBlt
SetStretchBltMode
ExtTextOutA
SetBkColor
LineTo
MoveToEx
GetTextExtentPoint32A
CreateDIBSection
CreatePenIndirect

comdlg32

GetOpenFileNameA

advapi32

MakeAbsoluteSD2
RegCloseKey
RegDeleteKeyA
RegCreateKeyExA
RegOpenKeyExA
RegEnumKeyExA
IsValidSecurityDescriptor
LookupPrivilegeValueW
LsaAddAccountRights
LookupPrivilegeNameA
RegSetValueExA
RegQueryInfoKeyW
RegDeleteValueA

shell32

ShellExecuteA

ole32

OleLockRunning
CoInitialize
CoUninitialize
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
OleInitialize
OleUninitialize
CreateStreamOnHGlobal
CoCreateInstance
CLSIDFromString
CLSIDFromProgID

oleaut32

BSTR_UserSize
VarUI4FromStr
SysAllocStringLen
VariantInit
VariantClear
SysFreeString
SysAllocString

gdiplus

GdipGetImageWidth
GdipGetImageHeight
GdipGetPropertyItemSize
GdipGetPropertyItem
GdipGetFamily
GdipCreateFontFromDC
GdipCloneBrush
GdipSetTextRenderingHint
GdipCreateStringFormat
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipCreateLineBrushI
GdipCreateBitmapFromScan0
GdipGetImageGraphicsContext
GdipSetSmoothingMode
GdipSetCompositingQuality
GdipSetInterpolationMode
GdipSetPixelOffsetMode
GdipDrawString
GdipGraphicsClear
GdipDrawImage
GdipDeleteFontFamily
GdipDeleteBrush
GdipDeleteStringFormat
GdipDeleteFont
GdiplusShutdown
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipFree
GdipAlloc
GdipLoadImageFromStreamICM
GdipLoadImageFromStream
GdipCreateFromHDC
GdipDrawImageRectI
GdipImageSelectActiveFrame
GdipDeleteGraphics
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipCreateFontFromLogfontA

imm32

ImmSetCompositionFontA
ImmSetCompositionWindow
ImmGetContext
ImmReleaseContext

comctl32

_TrackMouseEvent
ord17

winmm

mmioWrite
mmioCreateChunk
mmioOpenW
mmioAscend

urlmon

CreateAsyncBindCtx

msacm32

acmDriverOpen

netapi32

NetWkstaUserGetInfo

iphlpapi

GetIpNetTable

avifil32

AVIMakeCompressedStream

wsnmp32

ord501

d2d1

ord1

dwrite

DWriteCreateFactory

Sections

.text
Size: 612KB - Virtual size: 612KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 113KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 122KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
api
.exe windows:5 windows x86 arch:x86

aea9c61b49d66485f9f13c0f478d0b02

Code Sign

05:d3:ac:4a:89:44:68:9e:10:38:0a:ae:2b:1b:fe:be
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

21-06-2018 00:00

Not After

22-07-2021 12:00

Subject

CN=Adlice,O=Adlice,L=Sautron,C=FR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-10-2013 12:00

Not After

22-10-2028 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-10-2014 00:00

Not After

22-10-2024 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10-11-2006 00:00

Not After

10-11-2021 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

bf:d4:05:d9:39:75:60:c2:35:19:a3:f5:bc:e0:31:cd:8d:33:8a:26
Signer

Actual PE Digest

bf:d4:05:d9:39:75:60:c2:35:19:a3:f5:bc:e0:31:cd:8d:33:8a:26

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\Adlice\Diag\RelWithDebInfo\Diag.pdb

Imports

ws2_32

inet_ntoa
WSAIoctl
getnameinfo
freeaddrinfo
getaddrinfo

winmm

PlaySoundW

kernel32

GetStdHandle
SwitchToFiber
DeleteFiber
CreateFiber
QueryPerformanceCounter
GetSystemTimeAsFileTime
ConvertFiberToThread
ConvertThreadToFiber
LoadLibraryA
GetConsoleMode
SetConsoleMode
ReadConsoleA
ReadConsoleW
FormatMessageA
InitializeCriticalSection
SleepEx
QueryPerformanceFrequency
GetSystemDirectoryA
VerifyVersionInfoA
ExpandEnvironmentStringsA
CreateFileMappingA
SwitchToThread
CompareStringW
GetUserDefaultLCID
GetLocalTime
SetThreadPriority
GetThreadPriority
WaitForSingleObjectEx
OutputDebugStringW
GetConsoleWindow
LCMapStringW
GetStartupInfoW
GetCurrencyFormatW
GetUserDefaultUILanguage
GetLogicalDrives
SetEndOfFile
FindCloseChangeNotification
FindFirstChangeNotificationW
FindNextChangeNotification
FindFirstFileExW
GetTimeZoneInformation
IsValidLanguageGroup
IsValidLocale
GetUserDefaultLangID
CheckRemoteDebuggerPresent
GlobalAlloc
GlobalUnlock
GlobalLock
GlobalSize
ExitProcess
SetEvent
ResetEvent
WaitForMultipleObjects
CloseHandle
CreateEventW
OpenEventW
GetDriveTypeW
GetVolumeInformationW
GetModuleHandleExW
ReadProcessMemory
GetModuleHandleW
GetProcAddress
GetLongPathNameW
lstrcmpW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
TryEnterCriticalSection
DeleteCriticalSection
ExpandEnvironmentStringsW
GetSystemDirectoryW
GetTempPathW
GetStringTypeW
EncodePointer
DecodePointer
GetCPInfo
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeSListHead
IsDebuggerPresent
InterlockedPushEntrySList
LoadLibraryExW
SetConsoleCtrlHandler
ExitThread
FreeLibraryAndExitThread
GetCommandLineA
SetStdHandle
GetFullPathNameA
GetConsoleCP
HeapReAlloc
GetACP
EnumSystemLocalesW
HeapSize
SetEnvironmentVariableA
WriteConsoleW
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
LockResource
LoadResource
SizeofResource
FindResourceW
GetFileSizeEx
CreateMutexA
HeapCreate
HeapDestroy
GetFileSize
CreateFileA
VirtualQueryEx
AreFileApisANSI
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
OpenProcess
GetCurrentThreadId
GetTempFileNameW
GetComputerNameW
MultiByteToWideChar
WideCharToMultiByte
GetSystemTime
SystemTimeToTzSpecificLocalTime
TzSpecificLocalTimeToSystemTime
SystemTimeToFileTime
FileTimeToSystemTime
CompareFileTime
GetTimeFormatW
GetDateFormatW
LocalFree
GetCommandLineW
GetCurrentProcess
GetCurrentProcessId
FreeLibrary
GlobalMemoryStatusEx
GetLastError
SetErrorMode
Sleep
GetSystemInfo
GetSystemTimes
FormatMessageW
LoadLibraryW
GetCurrentDirectoryW
GetProcessTimes
TerminateProcess
GetExitCodeProcess
GetProcessId
TerminateThread
SetLastError
WaitForSingleObject
DuplicateHandle
GetModuleHandleA
CreateProcessW
CreateJobObjectW
AssignProcessToJobObject
TerminateJobObject
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
SetFilePointer
lstrcpyW
lstrcmpA
GetVolumePathNameW
GetVolumeNameForVolumeMountPointW
IsBadWritePtr
IsBadReadPtr
GetDiskFreeSpaceW
lstrlenW
SetFilePointerEx
GetFileType
GetFileInformationByHandle
VirtualFree
VirtualAlloc
LocalAlloc
CancelIo
WaitNamedPipeW
CreateNamedPipeW
PeekNamedPipe
SetNamedPipeHandleState
SetHandleInformation
FlushFileBuffers
ReadFile
WriteFile
Module32NextW
Module32FirstW
CreateRemoteThread
OpenThread
CreateThread
RaiseException
GetVersionExA
OutputDebugStringA
GetEnvironmentVariableW
GetModuleFileNameA
Thread32First
Thread32Next
GetShortPathNameW
GetFullPathNameW
VerSetConditionMask
GetVersionExW
GetLocaleInfoW
GetGeoInfoW
GetUserGeoID
GetThreadLocale
ReleaseMutex
CreateMutexW
FindClose
GetFileTime
CreateDirectoryW
ResumeThread
RemoveDirectoryW
CreateFileW
SetFileAttributesW
GetFileAttributesW
GetFileAttributesExW
DeleteFileW
FindFirstFileW
LockFileEx
UnlockFile
HeapCompact
DeleteFileA
FlushViewOfFile
GetFileAttributesA
FindNextFileW
GetDiskFreeSpaceA
GetTempPathA
HeapValidate
UnlockFileEx
LockFile
CopyFileW
MoveFileW
MoveFileExW
InterlockedDecrement
HeapAlloc
HeapFree
GetProcessHeap
GetModuleFileNameW
DeviceIoControl
DefineDosDeviceW
QueryDosDeviceW
MapViewOfFile
GetCurrentThread
GetTickCount
CreateFileMappingW
UnmapViewOfFile

user32

ClientToScreen
TrackMouseEvent
GetDesktopWindow
GetParent
SetParent
GetCursorInfo
CreateIconIndirect
CreateCursor
LoadCursorW
GetCursor
SetCursorPos
GetClipboardFormatNameW
NotifyWinEvent
SetMenuItemInfoW
TrackPopupMenuEx
GetMenu
MapVirtualKeyW
ToUnicode
ToAscii
GetKeyboardState
RegisterClipboardFormatW
GetKeyState
IsZoomed
SetCaretPos
HideCaret
DestroyCaret
CreateCaret
GetKeyboardLayout
GetAsyncKeyState
DestroyCursor
AdjustWindowRectEx
GetWindowRect
SetWindowTextW
InvalidateRect
GetUpdateRect
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
ReleaseCapture
SetCapture
GetCapture
SetFocus
IsIconic
IsWindowVisible
SetWindowPlacement
GetWindowPlacement
SetWindowPos
MoveWindow
FlashWindowEx
IsChild
MessageBeep
GetCaretBlinkTime
GetDoubleClickTime
CharNextExA
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
SetWindowLongW
GetWindowLongW
KillTimer
SetTimer
MsgWaitForMultipleObjectsEx
GetQueueStatus
UnregisterClassW
RegisterClassW
PeekMessageW
DispatchMessageW
TranslateMessage
FindWindowA
SendMessageA
MessageBoxW
GetUserObjectInformationW
GetProcessWindowStation
EnumWindows
GetMessageExtraInfo
GetWindowTextW
RealGetWindowClassW
GetAncestor
GetKeyboardLayoutList
GetClassInfoW
RegisterClassExW
GetFocus
GetClientRect
GetCursorPos
ChildWindowFromPointEx
GetSysColorBrush
LoadImageW
GetMonitorInfoW
EnumDisplayMonitors
LoadIconW
SetClipboardViewer
ChangeClipboardChain
SetCursor
DrawIconEx
ReleaseDC
GetClassNameW
EnumChildWindows
GetDC
ScreenToClient
GetIconInfo
GetSystemMenu
EnableMenuItem
ShowWindow
PostMessageW
SetWindowRgn
SystemParametersInfoW
GetSysColor
DestroyIcon
GetWindowThreadProcessId
GetSystemMetrics
DestroyWindow
CreateWindowExW
DefWindowProcW
RegisterWindowMessageW
SendMessageW

gdi32

SelectClipRgn
GetRegionData
CreateRectRgn
CombineRgn
CreateDIBSection
SelectObject
GetDIBits
DeleteObject
DeleteDC
SetGraphicsMode
CreateBitmap
ExtTextOutW
SetWorldTransform
SetTextAlign
SetTextColor
GdiFlush
SetBkMode
GetCharABCWidthsI
GetTextExtentPoint32W
GetOutlineTextMetricsW
GetGlyphOutlineW
GetCharABCWidthsFloatW
GetCharABCWidthsW
GetBitmapBits
SwapBuffers
SetPixelFormat
GetPixelFormat
DescribePixelFormat
ChoosePixelFormat
GetTextFaceW
GetObjectW
GetTextMetricsW
RemoveFontMemResourceEx
AddFontMemResourceEx
RemoveFontResourceExW
AddFontResourceExW
GetStockObject
GetFontData
CreateFontIndirectW
EnumFontFamiliesExW
CreateDCW
CreateCompatibleBitmap
GetDeviceCaps
OffsetRgn
BitBlt
CreateCompatibleDC

shell32

ShellExecuteW
ShellExecuteExW
ord51
CommandLineToArgvW
SHGetFolderPathW
Shell_NotifyIconW
ExtractIconExW
SHGetSpecialFolderPathW
SHGetFileInfoW
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetMalloc

ole32

OleGetClipboard
OleSetClipboard
OleUninitialize
OleInitialize
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
StringFromCLSID
CoInitialize
CoCreateGuid
CoSetProxyBlanket
CoCreateInstance
CoInitializeSecurity
CoInitializeEx
CoUninitialize
CoTaskMemFree
OleFlushClipboard
OleIsCurrentClipboard
ReleaseStgMedium
CoGetMalloc
CoTaskMemAlloc
StringFromGUID2
DoDragDrop

oleaut32

VariantChangeType
SysAllocStringLen
VariantInit
SystemTimeToVariantTime
SysStringLen
SysFreeString
SysAllocString
VariantClear

advapi32

QueryServiceConfig2W
LookupPrivilegeValueA
GetUserNameW
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueW
CreateProcessAsUserW
DuplicateTokenEx
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegEnumValueW
RegOpenKeyExW
RegQueryInfoKeyW
RegSetValueExW
DeregisterEventSource
RegisterEventSourceW
ReportEventW
RegQueryValueExW
ChangeServiceConfigW
ChangeServiceConfig2W
CloseServiceHandle
ControlService
RegFlushKey
CryptGenRandom
CryptEnumProvidersW
CryptSignHashW
CryptDestroyHash
CryptCreateHash
CryptDecrypt
CryptExportKey
CryptGetUserKey
CryptGetProvParam
CryptSetHashParam
CryptDestroyKey
CryptReleaseContext
CryptAcquireContextW
SetNamedSecurityInfoW
GetNamedSecurityInfoW
GetExplicitEntriesFromAclW
RegSetKeySecurity
RegGetKeySecurity
GetAce
SetEntriesInAclW
CheckTokenMembership
SetSecurityDescriptorOwner
SetSecurityDescriptorDacl
IsValidSecurityDescriptor
InitializeSecurityDescriptor
InitializeAcl
FreeSid
AllocateAndInitializeSid
ConvertStringSidToSidW
ConvertSidToStringSidW
LookupAccountNameW
LookupAccountSidW
CopySid
GetLengthSid
IsValidSid
GetTokenInformation
StartServiceW
QueryServiceStatusEx
QueryServiceStatus
CreateServiceW
QueryServiceConfigW
OpenServiceW
OpenSCManagerW
EnumServicesStatusW
EnumDependentServicesW
DeleteService
GetSecurityInfo

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

userenv

DestroyEnvironmentBlock
CreateEnvironmentBlock
GetProfilesDirectoryW

wininet

InternetGetConnectedState

psapi

GetModuleFileNameExW
GetProcessImageFileNameW
GetModuleInformation
GetModuleBaseNameW

iphlpapi

GetUdpTable
GetTcpTable

shlwapi

PathUnExpandEnvStringsW
PathUnquoteSpacesW
PathSearchAndQualifyW
PathRemoveFileSpecW
PathRemoveBlanksW
StrFormatByteSizeW
StrDupW
StrCmpIW
PathRemoveBackslashW
PathRemoveArgsW
PathQuoteSpacesW
PathIsNetworkPathW
PathIsRelativeW
PathIsPrefixW
PathIsDirectoryW
PathGetDriveNumberW
PathGetArgsW
PathFindFileNameW
PathFindExtensionW
AssocQueryStringW
PathAddBackslashW
PathAppendW
PathFileExistsW

ntdll

NtQueryVirtualMemory
RtlUnwind
memcmp
islower
isupper
isdigit
wcsncmp
wcstombs
strpbrk
strtol
strstr
atoi
_stricmp
wcsstr
_strnicmp
strtoul
strspn
strcmp
strrchr
strncpy
qsort
NtQueryKey
NtCreateKey
NtSetValueKey
NtDeleteValueKey
NtDeleteKey
NtOpenKey
isalnum
_wtoi64
strcspn
_wcsicmp
memchr
tolower
isspace
toupper
wcsrchr
floor
strchr
ceil
strncmp
memset
memcpy
memmove
bsearch
NtUnloadDriver
NtLoadDriver
RtlInitUnicodeString
wcschr

mpr

WNetGetConnectionW

wsock32

getsockname
getsockopt
ntohs
WSAStartup
WSACleanup
WSAGetLastError
recv
send
WSASetLastError
accept
bind
closesocket
connect
listen
setsockopt
socket
getpeername
htons
__WSAFDIsSet
select
htonl
recvfrom
shutdown
sendto
gethostname
WSAAsyncSelect
inet_ntoa

wtsapi32

WTSEnumerateSessionsW

crypt32

CertGetCertificateContextProperty
CryptDecodeObject
CryptMsgClose
CryptMsgGetParam
CertCloseStore
CertFindCertificateInStore
CertFreeCertificateContext
CertNameToStrW
CertGetNameStringW
CryptQueryObject
CertOpenStore
CertEnumCertificatesInStore
CertDuplicateCertificateContext

wintrust

CryptCATAdminCalcHashFromFileHandle
CryptCATAdminEnumCatalogFromHash
CryptCATAdminReleaseContext
CryptCATCatalogInfoFromContext
CryptCATAdminReleaseCatalogContext
WinVerifyTrust
CryptCATAdminAcquireContext

opengl32

glClearDepth
glClearColor
glClear
glColorMask
glCopyTexImage2D
glCopyTexSubImage2D
glCullFace
glDeleteTextures
glDepthFunc
glDepthMask
glDepthRange
glDisable
glDrawArrays
glDrawElements
glEnable
glFinish
glFlush
glFrontFace
glGenTextures
glGetBooleanv
glGetError
glGetFloatv
glBlendFunc
glClearStencil
glBindTexture
glGetIntegerv
glGetString
glGetTexParameterfv
glGetTexParameteriv
glHint
glIsEnabled
glIsTexture
glLineWidth
glPixelStorei
glPolygonOffset
glReadPixels
glScissor
glStencilFunc
glStencilMask
glStencilOp
glTexImage2D
glTexParameterf
glTexParameterfv
glTexParameteri
glTexParameteriv
glTexSubImage2D
glViewport

imm32

ImmGetVirtualKey
ImmGetDefaultIMEWnd
ImmGetContext
ImmReleaseContext
ImmAssociateContext
ImmGetCompositionStringW
ImmNotifyIME
ImmSetCompositionWindow
ImmSetCandidateWindow

Sections

.text
Size: 12.5MB - Virtual size: 12.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4.5MB - Virtual size: 4.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 162KB - Virtual size: 318KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 13B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qtmetad
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 292B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5.1MB - Virtual size: 5.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 595KB - Virtual size: 595KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
efd97b1038e063779fb32a3ab35adc481679a5c6c8e3f4f69c44987ff08b6ea4.js
.js
good.bin
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 40.7MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 124KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
infected dot net installer.bin
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 615KB - Virtual size: 614KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 57B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
update.bin
.exe windows:5 windows x86 arch:x86

eb97e4fc5518ac300a92a11673825e0b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

WSACleanup
socket
inet_ntoa
setsockopt
ntohs
recvfrom
ioctlsocket
htons
WSAStartup
__WSAFDIsSet
select
accept
listen
bind
closesocket
WSAGetLastError
recv
sendto
send
inet_addr
gethostbyname
gethostname
connect

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

winmm

timeGetTime
waveOutSetVolume
mciSendStringW

comctl32

ImageList_ReplaceIcon
ImageList_Destroy
ImageList_Remove
ImageList_SetDragCursorImage
ImageList_BeginDrag
ImageList_DragEnter
ImageList_DragLeave
ImageList_EndDrag
ImageList_DragMove
InitCommonControlsEx
ImageList_Create

mpr

WNetUseConnectionW
WNetCancelConnection2W
WNetGetConnectionW
WNetAddConnection2W

wininet

InternetQueryDataAvailable
InternetCloseHandle
InternetOpenW
InternetSetOptionW
InternetCrackUrlW
HttpQueryInfoW
InternetQueryOptionW
HttpOpenRequestW
HttpSendRequestW
FtpOpenFileW
FtpGetFileSize
InternetOpenUrlW
InternetReadFile
InternetConnectW

psapi

GetProcessMemoryInfo

iphlpapi

IcmpCreateFile
IcmpCloseHandle
IcmpSendEcho

userenv

DestroyEnvironmentBlock
UnloadUserProfile
CreateEnvironmentBlock
LoadUserProfileW

uxtheme

IsThemeActive

kernel32

DuplicateHandle
CreateThread
WaitForSingleObject
HeapAlloc
GetProcessHeap
HeapFree
Sleep
GetCurrentThreadId
MultiByteToWideChar
MulDiv
GetVersionExW
IsWow64Process
GetSystemInfo
FreeLibrary
LoadLibraryA
GetProcAddress
SetErrorMode
GetModuleFileNameW
WideCharToMultiByte
lstrcpyW
lstrlenW
GetModuleHandleW
QueryPerformanceCounter
VirtualFreeEx
OpenProcess
VirtualAllocEx
WriteProcessMemory
ReadProcessMemory
CreateFileW
SetFilePointerEx
SetEndOfFile
ReadFile
WriteFile
FlushFileBuffers
TerminateProcess
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
SetFileTime
GetFileAttributesW
FindFirstFileW
SetCurrentDirectoryW
GetLongPathNameW
GetShortPathNameW
DeleteFileW
FindNextFileW
CopyFileExW
MoveFileW
CreateDirectoryW
RemoveDirectoryW
SetSystemPowerState
QueryPerformanceFrequency
FindResourceW
LoadResource
LockResource
SizeofResource
EnumResourceNamesW
OutputDebugStringW
GetTempPathW
GetTempFileNameW
DeviceIoControl
GetLocalTime
CompareStringW
GetCurrentProcess
EnterCriticalSection
LeaveCriticalSection
GetStdHandle
CreatePipe
InterlockedExchange
TerminateThread
LoadLibraryExW
FindResourceExW
CopyFileW
VirtualFree
FormatMessageW
GetExitCodeProcess
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileSectionW
WritePrivateProfileSectionW
GetPrivateProfileSectionNamesW
FileTimeToLocalFileTime
FileTimeToSystemTime
SystemTimeToFileTime
LocalFileTimeToFileTime
GetDriveTypeW
GetDiskFreeSpaceExW
GetDiskFreeSpaceW
GetVolumeInformationW
SetVolumeLabelW
CreateHardLinkW
SetFileAttributesW
CreateEventW
SetEvent
GetEnvironmentVariableW
SetEnvironmentVariableW
GlobalLock
GlobalUnlock
GlobalAlloc
GetFileSize
GlobalFree
GlobalMemoryStatusEx
Beep
GetSystemDirectoryW
HeapReAlloc
HeapSize
GetComputerNameW
GetWindowsDirectoryW
GetCurrentProcessId
GetProcessIoCounters
CreateProcessW
GetProcessId
SetPriorityClass
LoadLibraryW
VirtualAlloc
IsDebuggerPresent
GetCurrentDirectoryW
lstrcmpiW
DecodePointer
GetLastError
RaiseException
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
InterlockedDecrement
InterlockedIncrement
GetCurrentThread
CloseHandle
GetFullPathNameW
EncodePointer
ExitProcess
GetModuleHandleExW
ExitThread
GetSystemTimeAsFileTime
ResumeThread
GetCommandLineW
IsProcessorFeaturePresent
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
SetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetStringTypeW
SetStdHandle
GetFileType
GetConsoleCP
GetConsoleMode
RtlUnwind
ReadConsoleW
GetTimeZoneInformation
GetDateFormatW
GetTimeFormatW
LCMapStringW
GetEnvironmentStringsW
FreeEnvironmentStringsW
WriteConsoleW
FindClose
SetEnvironmentVariableA

user32

AdjustWindowRectEx
CopyImage
SetWindowPos
GetCursorInfo
RegisterHotKey
ClientToScreen
GetKeyboardLayoutNameW
IsCharAlphaW
IsCharAlphaNumericW
IsCharLowerW
IsCharUpperW
GetMenuStringW
GetSubMenu
GetCaretPos
IsZoomed
MonitorFromPoint
GetMonitorInfoW
SetWindowLongW
SetLayeredWindowAttributes
FlashWindow
GetClassLongW
TranslateAcceleratorW
IsDialogMessageW
GetSysColor
InflateRect
DrawFocusRect
DrawTextW
FrameRect
DrawFrameControl
FillRect
PtInRect
DestroyAcceleratorTable
CreateAcceleratorTableW
SetCursor
GetWindowDC
GetSystemMetrics
GetActiveWindow
CharNextW
wsprintfW
RedrawWindow
DrawMenuBar
DestroyMenu
SetMenu
GetWindowTextLengthW
CreateMenu
IsDlgButtonChecked
DefDlgProcW
CallWindowProcW
ReleaseCapture
SetCapture
CreateIconFromResourceEx
mouse_event
ExitWindowsEx
SetActiveWindow
FindWindowExW
EnumThreadWindows
SetMenuDefaultItem
InsertMenuItemW
IsMenu
TrackPopupMenuEx
GetCursorPos
DeleteMenu
SetRect
GetMenuItemID
GetMenuItemCount
SetMenuItemInfoW
GetMenuItemInfoW
SetForegroundWindow
IsIconic
FindWindowW
MonitorFromRect
keybd_event
SendInput
GetAsyncKeyState
SetKeyboardState
GetKeyboardState
GetKeyState
VkKeyScanW
LoadStringW
DialogBoxParamW
MessageBeep
EndDialog
SendDlgItemMessageW
GetDlgItem
SetWindowTextW
CopyRect
ReleaseDC
GetDC
EndPaint
BeginPaint
GetClientRect
GetMenu
DestroyWindow
EnumWindows
GetDesktopWindow
IsWindow
IsWindowEnabled
IsWindowVisible
EnableWindow
InvalidateRect
GetWindowLongW
GetWindowThreadProcessId
AttachThreadInput
GetFocus
GetWindowTextW
ScreenToClient
SendMessageTimeoutW
EnumChildWindows
CharUpperBuffW
GetParent
GetDlgCtrlID
SendMessageW
MapVirtualKeyW
PostMessageW
GetWindowRect
SetUserObjectSecurity
CloseDesktop
CloseWindowStation
OpenDesktopW
SetProcessWindowStation
GetProcessWindowStation
OpenWindowStationW
GetUserObjectSecurity
MessageBoxW
DefWindowProcW
SetClipboardData
EmptyClipboard
CountClipboardFormats
CloseClipboard
GetClipboardData
IsClipboardFormatAvailable
OpenClipboard
BlockInput
GetMessageW
LockWindowUpdate
DispatchMessageW
TranslateMessage
PeekMessageW
UnregisterHotKey
CheckMenuRadioItem
CharLowerBuffW
MoveWindow
SetFocus
PostQuitMessage
KillTimer
CreatePopupMenu
RegisterWindowMessageW
SetTimer
ShowWindow
CreateWindowExW
RegisterClassExW
LoadIconW
LoadCursorW
GetSysColorBrush
GetForegroundWindow
MessageBoxA
DestroyIcon
SystemParametersInfoW
LoadImageW
GetClassNameW

gdi32

StrokePath
DeleteObject
GetTextExtentPoint32W
ExtCreatePen
GetDeviceCaps
EndPath
SetPixel
CloseFigure
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
StretchBlt
GetDIBits
LineTo
AngleArc
MoveToEx
Ellipse
DeleteDC
GetPixel
CreateDCW
GetStockObject
GetTextFaceW
CreateFontW
SetTextColor
PolyDraw
BeginPath
Rectangle
SetViewportOrgEx
GetObjectW
SetBkMode
RoundRect
SetBkColor
CreatePen
CreateSolidBrush
StrokeAndFillPath

comdlg32

GetOpenFileNameW
GetSaveFileNameW

advapi32

GetAce
RegEnumValueW
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyExW
RegSetValueExW
RegOpenKeyExW
RegCloseKey
RegQueryValueExW
RegConnectRegistryW
InitializeSecurityDescriptor
InitializeAcl
AdjustTokenPrivileges
OpenThreadToken
OpenProcessToken
LookupPrivilegeValueW
DuplicateTokenEx
CreateProcessAsUserW
CreateProcessWithLogonW
GetLengthSid
CopySid
LogonUserW
AllocateAndInitializeSid
CheckTokenMembership
RegCreateKeyExW
FreeSid
GetTokenInformation
GetSecurityDescriptorDacl
GetAclInformation
AddAce
SetSecurityDescriptorDacl
GetUserNameW
InitiateSystemShutdownExW

shell32

DragQueryPoint
ShellExecuteExW
DragQueryFileW
SHEmptyRecycleBinW
SHGetPathFromIDListW
SHBrowseForFolderW
SHCreateShellItem
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetFolderPathW
SHFileOperationW
ExtractIconExW
Shell_NotifyIconW
ShellExecuteW
DragFinish

ole32

CoTaskMemAlloc
CoTaskMemFree
CLSIDFromString
ProgIDFromCLSID
CLSIDFromProgID
OleSetMenuDescriptor
MkParseDisplayName
OleSetContainedObject
CoCreateInstance
IIDFromString
StringFromGUID2
CreateStreamOnHGlobal
OleInitialize
OleUninitialize
CoInitialize
CoUninitialize
GetRunningObjectTable
CoGetInstanceFromFile
CoGetObject
CoSetProxyBlanket
CoCreateInstanceEx
CoInitializeSecurity

oleaut32

LoadTypeLibEx
VariantCopyInd
SysReAllocString
SysFreeString
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayAllocData
SafeArrayAllocDescriptorEx
SafeArrayCreateVector
RegisterTypeLi
CreateStdDispatch
DispCallFunc
VariantChangeType
SysStringLen
VariantTimeToSystemTime
VarR8FromDec
SafeArrayGetVartype
VariantCopy
VariantClear
OleLoadPicture
QueryPathOfRegTypeLi
RegisterTypeLibForUser
UnRegisterTypeLibForUser
UnRegisterTypeLi
CreateDispTypeInfo
SysAllocString
VariantInit

Sections

.text
Size: 568KB - Virtual size: 567KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 191KB - Virtual size: 191KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11.2MB - Virtual size: 11.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
vir1.xls
.xlsx .xls office2007
xNet.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\User\Documents\Visual Studio 2015\Projects\xNet\obj\Release\xNet.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1012B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Extracted

Signatures

Files

Password: infected

5877688b4859ffd051f6be3b8e0cd533

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

gdi32

comctl32

shell32

winmm

ole32

shlwapi

Sections

.code Size: 14KB - Virtual size: 13KB

.text Size: 52KB - Virtual size: 51KB

.rdata Size: 13KB - Virtual size: 12KB

.data Size: 4KB - Virtual size: 5KB

.rsrc Size: 12.4MB - Virtual size: 12.4MB

4f67aeda01a0484282e8c59006b0b352

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

Sections

.text Size: 23KB - Virtual size: 23KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 106KB

.ndata Size: - Virtual size: 32KB

.rsrc Size: 19KB - Virtual size: 18KB

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 1.6MB - Virtual size: 1.6MB

.rsrc Size: 1.6MB - Virtual size: 1.6MB

.reloc Size: 512B - Virtual size: 12B

4f67aeda01a0484282e8c59006b0b352

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

Sections

.text Size: 23KB - Virtual size: 23KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 106KB

.ndata Size: - Virtual size: 32KB

.rsrc Size: 364KB - Virtual size: 363KB

Headers

DLL Characteristics

File Characteristics

Sections

Size: 246KB - Virtual size: 428KB

Size: 31KB - Virtual size: 72KB

.code
Size: 14KB - Virtual size: 13KB

.text
Size: 52KB - Virtual size: 51KB

.rdata
Size: 13KB - Virtual size: 12KB

.data
Size: 4KB - Virtual size: 5KB

.rsrc
Size: 12.4MB - Virtual size: 12.4MB

.text
Size: 23KB - Virtual size: 23KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 106KB

.ndata
Size: - Virtual size: 32KB

.rsrc
Size: 19KB - Virtual size: 18KB

.text
Size: 1.6MB - Virtual size: 1.6MB

.rsrc
Size: 1.6MB - Virtual size: 1.6MB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 23KB - Virtual size: 23KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 106KB

.ndata
Size: - Virtual size: 32KB

.rsrc
Size: 364KB - Virtual size: 363KB

.rsrc
Size: 1024B - Virtual size: 4KB

.data
Size: 932KB - Virtual size: 936KB

.text
Size: 16KB - Virtual size: 15KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 1024B - Virtual size: 851B

.data
Size: 512B - Virtual size: 104B

.reloc
Size: 1024B - Virtual size: 608B

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 1024B - Virtual size: 851B

.data
Size: 512B - Virtual size: 104B

.reloc
Size: 1024B - Virtual size: 608B

.text
Size: 97KB - Virtual size: 97KB

.rsrc
Size: 1024B - Virtual size: 1012B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 120KB - Virtual size: 119KB

.rdata
Size: 110KB - Virtual size: 110KB

.data
Size: 3KB - Virtual size: 4.7MB

.gfids
Size: 1024B - Virtual size: 4KB

.rsrc
Size: 10KB - Virtual size: 9KB