672d3e3a2dbecb8950cb8bd76c637fad98b59a3d27d1bf18fc327f40fa0948a3

Sharing

Copy URL

Twitter E-mail

General

Target

672d3e3a2dbecb8950cb8bd76c637fad98b59a3d27d1bf18fc327f40fa0948a3
Size

3.4MB
MD5

8862f4b885a14e6e26ef41275b3a1c6a
SHA1

fd12187237ce850cd03aa86833e4862f6ec3a3e4
SHA256

672d3e3a2dbecb8950cb8bd76c637fad98b59a3d27d1bf18fc327f40fa0948a3
SHA512

8ad1cbfd9f4ceebc708ef4c89b12315f2fecccc2cdf9b54399b33632516c9a4f0a44693489d9845ad27336a52a7e631f8e53203d2bd21c636bc25b0a37175563
SSDEEP

98304:gVEyf6j2u9tqiIDAQDqWzjTfI+4KCkeKkxt37W:gEG6j2Oqi4AQWWzvfIPKkxtLW

Score

3^/10

Malware Config

Signatures

Unsigned PE 19 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/E1-20200827_061516
unpack001/E1-20200827_090915
unpack001/E1-20200827_095810
unpack001/E1-20200827_145627
unpack001/E1-20200827_162348
unpack001/E1-20200827_163610
unpack001/E1-20200827_170748
unpack001/E2-20200827_061428
unpack001/E2-20200827_090615
unpack001/E2-20200827_145402
unpack001/E2-20200827_162454
unpack001/E2-20200827_163448
unpack001/E2-20200827_170621
unpack001/E3-20200827_061531
unpack001/E3-20200827_090928
unpack001/E3-20200827_145656
unpack001/E3-20200827_161903
unpack001/E3-20200827_163630
unpack001/E3-20200827_170815

Files

672d3e3a2dbecb8950cb8bd76c637fad98b59a3d27d1bf18fc327f40fa0948a3
.zip
E1-20200827_061516
.exe windows:4 windows x86 arch:x86

728863fc38c099d9a98a78ba9c6ed2fb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Users\Mr.Anderson\Desktop\2005\27.8.20\Forti\Release\Forti.pdb

Imports

kernel32

GetLastError
VirtualAlloc
ExitProcess
CompareStringW
CompareStringA
SetEndOfFile
GetLocaleInfoW
CreateProcessA
InterlockedIncrement
InterlockedDecrement
Sleep
InterlockedExchange
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
FileTimeToSystemTime
FileTimeToLocalFileTime
FindFirstFileA
FindNextFileA
FindClose
GetTimeFormatA
GetDateFormatA
HeapFree
RtlUnwind
HeapAlloc
RaiseException
GetCommandLineA
GetVersionExA
GetProcessHeap
GetStartupInfoA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
GetCPInfo
CloseHandle
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
WriteFile
GetConsoleCP
GetConsoleMode
GetACP
GetOEMCP
GetProcAddress
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
GetCurrentThread
GetTimeZoneInformation
ReadFile
GetFileAttributesA
HeapDestroy
HeapCreate
VirtualFree
FatalAppExitA
HeapReAlloc
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
FlushFileBuffers
HeapSize
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
SetConsoleCtrlHandler
SetStdHandle
CreateFileA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FreeLibrary
LoadLibraryA
GetExitCodeProcess
WaitForSingleObject
SetEnvironmentVariableA

user32

SendMessageA
InSendMessage
CreateWindowExA
ShowWindow

Sections

.text
Size: 256KB - Virtual size: 252KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 108KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
E1-20200827_090915
.exe windows:5 windows x86 arch:x86

e825205454d6587faa691258aee1077e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Users\Mr.Anderson\Desktop\2008\27.8.20\Forti\Release\Forti.pdb

Imports

kernel32

GetLastError
VirtualAlloc
ExitProcess
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoA
InterlockedCompareExchange
Sleep
InterlockedExchange
GetSystemTimeAsFileTime

user32

SendMessageA
InSendMessage
CreateWindowExA
ShowWindow

msvcp90

?eof@?$char_traits@D@std@@SAHXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ
?flags@ios_base@std@@QBEHXZ
?width@ios_base@std@@QBEHXZ
?length@?$char_traits@D@std@@SAIPBD@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?good@ios_base@std@@QBE_NXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?uncaught_exception@std@@YA_NXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?width@ios_base@std@@QAEHH@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHPBDH@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?eq_int_type@?$char_traits@D@std@@SA_NABH0@Z

msvcr90

strchr
??3@YAXPAX@Z
_findclose
_findnext64i32
fwrite
printf
fputc
fgetc
strftime
_localtime64
fread
strlen
putchar
free
sscanf
__CxxFrameHandler3
strcmp
??2@YAPAXI@Z
_wcslwr
malloc
_amsg_exit
__getmainargs
_cexit
_exit
_XcptFilter
_ismbblead
exit
_acmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_encode_pointer
__set_app_type
_crt_debugger_hook
?terminate@@YAXXZ
_unlock
__dllonexit
_lock
_onexit
_decode_pointer
_except_handler4_common
_invoke_watson
_controlfp_s
strcpy
strcat
_findfirst64i32
fopen
ftell
fseek
fclose
strncpy
system

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 659KB - Virtual size: 658KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
E1-20200827_095810
.exe windows:5 windows x86 arch:x86

e825205454d6587faa691258aee1077e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Users\Mr.Anderson\Desktop\2008\27.8.20\Forti\Release\Forti.pdb

Imports

kernel32

GetLastError
VirtualAlloc
ExitProcess
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoA
InterlockedCompareExchange
Sleep
InterlockedExchange
GetSystemTimeAsFileTime

user32

SendMessageA
InSendMessage
CreateWindowExA
ShowWindow

msvcp90

?eof@?$char_traits@D@std@@SAHXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ
?flags@ios_base@std@@QBEHXZ
?width@ios_base@std@@QBEHXZ
?length@?$char_traits@D@std@@SAIPBD@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?good@ios_base@std@@QBE_NXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?uncaught_exception@std@@YA_NXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?width@ios_base@std@@QAEHH@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHPBDH@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?eq_int_type@?$char_traits@D@std@@SA_NABH0@Z

msvcr90

strchr
??3@YAXPAX@Z
_findclose
_findnext64i32
fwrite
printf
fputc
fgetc
strftime
_localtime64
fread
strlen
putchar
free
sscanf
__CxxFrameHandler3
strcmp
??2@YAPAXI@Z
_wcslwr
malloc
_amsg_exit
__getmainargs
_cexit
_exit
_XcptFilter
_ismbblead
exit
_acmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_encode_pointer
__set_app_type
_crt_debugger_hook
?terminate@@YAXXZ
_unlock
__dllonexit
_lock
_onexit
_decode_pointer
_except_handler4_common
_invoke_watson
_controlfp_s
strcpy
strcat
_findfirst64i32
fopen
ftell
fseek
fclose
strncpy
system

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 157KB - Virtual size: 157KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
E1-20200827_145627
.exe windows:4 windows x86 arch:x86

9821125889256d10b70df5fe67bc1d33

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlUnwind
HeapAlloc
GetStartupInfoA
GetCommandLineA
RaiseException
HeapFree
TerminateProcess
HeapSize
HeapReAlloc
GetACP
LCMapStringA
LCMapStringW
Sleep
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
InterlockedExchange
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetCurrentProcess
SetErrorMode
WritePrivateProfileStringA
GetOEMCP
GetCPInfo
GetProcessVersion
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
LocalFree
GlobalFree
CloseHandle
GetModuleFileNameA
GlobalAlloc
lstrcmpA
GetCurrentThread
lstrcpynA
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
GlobalLock
GlobalUnlock
MulDiv
SetLastError
FindResourceA
LoadResource
LockResource
GetVersion
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
GetProcAddress
lstrcatA
lstrlenA
WinExec
lstrcpyA
GetWindowsDirectoryA
LoadLibraryA
FreeLibrary
VirtualAlloc
GetLastError
FreeEnvironmentStringsA
ExitProcess

user32

GetFocus
DispatchMessageA
PeekMessageA
MapWindowPoints
SendDlgItemMessageA
UpdateWindow
TabbedTextOutA
DrawTextA
GrayStringA
IsDialogMessageA
SetWindowTextA
IsWindowEnabled
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
LoadBitmapA
GetMenuCheckMarkDimensions
GetCursorPos
LoadStringA
PostQuitMessage
ValidateRect
TranslateMessage
GetMessageA
CreateDialogIndirectParamA
EndDialog
GetClassNameA
GetSysColorBrush
SetActiveWindow
SetFocus
AdjustWindowRectEx
IsWindowVisible
GetTopWindow
MessageBoxA
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetMenuItemID
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
DefWindowProcA
DestroyWindow
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowPos
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
LoadCursorA
CopyIcon
IsWindow
GetMessagePos
ScreenToClient
PtInRect
SetTimer
MessageBeep
SetWindowLongA
KillTimer
ShowWindow
CreateWindowExA
InSendMessage
LoadIconA
EnableWindow
LoadImageA
GetIconInfo
GetDC
CreateIconIndirect
ReleaseDC
FillRect
DrawStateA
GetClientRect
CopyRect
FrameRect
InflateRect
GetSysColor
OffsetRect
DrawFocusRect
GetWindowRect
GetSubMenu
TrackPopupMenuEx
PostMessageA
ClientToScreen
WindowFromPoint
GetActiveWindow
InvalidateRect
SetCursor
GetParent
GetNextDlgTabItem
SendMessageA
GetWindowLongA
DestroyIcon
DestroyCursor
DestroyMenu
UnhookWindowsHookEx
UnregisterClassA

gdi32

SetBkMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
MoveToEx
LineTo
SetTextColor
GetDeviceCaps
CreatePen
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
RestoreDC
SaveDC
DeleteDC
BitBlt
GetClipBox
GetTextExtentPoint32A
CreateFontIndirectA
GetObjectA
GetPixel
SetPixel
CreateBitmap
DeleteObject
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
GetStockObject
SetBkColor

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueA
RegCloseKey

shell32

ShellExecuteExA
ShellExecuteA

comctl32

_TrackMouseEvent
ord17

Sections

.text
Size: 180KB - Virtual size: 176KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 436KB - Virtual size: 435KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
E1-20200827_162348
.exe windows:4 windows x86 arch:x86

d8d8d40631f0cad1db2bbf50773785f8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord3831
ord3825
ord3079
ord4080
ord4627
ord4424
ord3574
ord640
ord809
ord609
ord323
ord556
ord567
ord825
ord3663
ord3626
ord2414
ord5785
ord4275
ord4284
ord2379
ord2405
ord5053
ord5981
ord2864
ord800
ord3874
ord540
ord4133
ord4297
ord5788
ord472
ord283
ord5875
ord2859
ord613
ord1641
ord1640
ord6880
ord289
ord1146
ord2122
ord4160
ord6358
ord1088
ord2567
ord4673
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord3830
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord561
ord815
ord2514
ord641
ord5265
ord4376
ord4853
ord4998
ord6052
ord1775
ord4407
ord5280
ord4425
ord3597
ord1168
ord324
ord2302
ord4234
ord537
ord4710
ord6453
ord3619
ord3721
ord795
ord2614
ord2860
ord6199
ord3797
ord2754
ord858
ord535
ord6197
ord6605
ord941
ord5572
ord2915
ord1200
ord926
ord2818
ord860
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord2124
ord2446
ord5261
ord1727
ord5065
ord3749
ord6376
ord2055
ord2648
ord4441
ord4837
ord3798
ord4353
ord6374
ord5163
ord5241
ord4396
ord1776
ord4078
ord6055
ord3571
ord3402
ord5277
ord5290
ord2385
ord1089
ord2575
ord1576

msvcrt

_except_handler3
_setmbcp
__CxxFrameHandler
_EH_prolog
memset
strlen
_ftol
_mbsnbcpy
_wcslwr
malloc
_mbsstr
__dllonexit
_onexit
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp

kernel32

GetStartupInfoA
GetModuleHandleA
ExitProcess
GetLastError
VirtualAlloc
FreeLibrary
LoadLibraryA
GetWindowsDirectoryA
lstrcpyA
WinExec
lstrlenA
GetProcAddress
lstrcatA

user32

LoadIconA
InSendMessage
CreateWindowExA
ShowWindow
KillTimer
SetWindowLongA
GetIconInfo
SetTimer
PtInRect
ScreenToClient
GetMessagePos
IsWindow
CopyIcon
LoadCursorA
GetDC
CreateIconIndirect
EnableWindow
FillRect
DrawStateA
GetClientRect
CopyRect
FrameRect
InflateRect
GetSysColor
OffsetRect
DrawFocusRect
GetWindowRect
GetSubMenu
TrackPopupMenuEx
PostMessageA
ClientToScreen
WindowFromPoint
GetActiveWindow
InvalidateRect
LoadMenuA
ReleaseDC
LoadImageA
SetCursor
GetParent
GetNextDlgTabItem
SendMessageA
GetWindowLongA
DestroyIcon
DestroyCursor
DestroyMenu
MessageBeep

gdi32

GetTextExtentPoint32A
CreateFontIndirectA
GetObjectA
GetPixel
SetPixel
CreateBitmap
DeleteObject
GetStockObject
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
DeleteDC
SetTextColor
SetBkColor

advapi32

RegQueryValueA
RegOpenKeyExA
RegCloseKey

shell32

ShellExecuteExA
ShellExecuteA

comctl32

_TrackMouseEvent

msvcp60

??1Init@ios_base@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ

Sections

.text
Size: 92KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 428KB - Virtual size: 426KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
E1-20200827_163610
.exe windows:4 windows x86 arch:x86

20580d681e86f3cab367f8648b67138d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemInfo
VirtualQuery
GetStartupInfoA
GetCommandLineA
HeapReAlloc
TerminateProcess
HeapSize
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
VirtualProtect
GetFileType
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
HeapFree
HeapAlloc
RtlUnwind
SetErrorMode
GetCurrentProcess
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
WritePrivateProfileStringA
RaiseException
GetOEMCP
GetCPInfo
InterlockedIncrement
GlobalFlags
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
CloseHandle
GetCurrentThread
lstrcmpA
GetModuleFileNameA
ConvertDefaultLocale
EnumResourceLanguagesA
InterlockedDecrement
GlobalFree
GlobalAlloc
FormatMessageA
LocalFree
GlobalLock
GlobalUnlock
MulDiv
SetLastError
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpW
lstrcpynA
GetModuleHandleA
GetProcAddress
lstrcmpiA
GetVersion
MultiByteToWideChar
GetWindowsDirectoryA
LoadLibraryA
FreeLibrary
lstrcatA
lstrlenA
WinExec
lstrcpyA
VirtualAlloc
GetLastError
ExitProcess
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
SetHandleCount
InterlockedExchange

user32

GetSysColorBrush
wsprintfA
GetDesktopWindow
CreateDialogIndirectParamA
EndDialog
GetMessageA
TranslateMessage
ValidateRect
PostQuitMessage
GetCursorPos
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
IsWindowEnabled
SetWindowTextA
IsDialogMessageA
GetMenuState
EndPaint
BeginPaint
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
RegisterWindowMessageA
WinHelpA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
GetFocus
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetLastActivePopup
SetActiveWindow
DispatchMessageA
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
PeekMessageA
MapWindowPoints
MessageBoxA
GetKeyState
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetMenu
GetMenuItemID
GetMenuItemCount
AdjustWindowRectEx
DestroyIcon
DrawStateA
ReleaseDC
CreateIconIndirect
GetDC
GetIconInfo
GetSysColor
CopyRect
InflateRect
OffsetRect
FillRect
FrameRect
DrawFocusRect
SendMessageA
GetClassInfoA
RegisterClassA
UnregisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
GetWindow
SetWindowLongA
LoadCursorA
CopyIcon
MessageBeep
IsWindow
GetMessagePos
KillTimer
SetTimer
GetForegroundWindow
GetWindowRect
GetClientRect
ClientToScreen
InvalidateRect
GetActiveWindow
GetNextDlgTabItem
GetParent
WindowFromPoint
EnableWindow
GetWindowLongA
DestroyMenu
DestroyCursor
SetCursor
PostMessageA
TrackPopupMenuEx
GetSubMenu
LoadImageA
ScreenToClient
PtInRect
ShowWindow
CreateWindowExA
InSendMessage
LoadIconA
GetCapture

gdi32

GetDeviceCaps
CreatePen
CreateSolidBrush
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
DeleteObject
MoveToEx
LineTo
SetMapMode
SetBkMode
RestoreDC
SaveDC
GetClipBox
GetTextExtentPoint32A
CreateFontIndirectA
CreateCompatibleBitmap
GetObjectA
GetPixel
SetPixel
CreateBitmap
CreateCompatibleDC
SelectObject
SetBkColor
BitBlt
SetTextColor
DeleteDC
GetStockObject

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegQueryValueA
RegOpenKeyExA
RegOpenKeyA
RegQueryValueExA
RegDeleteKeyA
RegEnumKeyA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

shell32

ShellExecuteA
ShellExecuteExA

comctl32

_TrackMouseEvent
ord17

shlwapi

PathFindFileNameA
PathFindExtensionA

oleaut32

VariantClear
VariantChangeType
VariantInit

Sections

.text
Size: 168KB - Virtual size: 166KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 444KB - Virtual size: 440KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
E1-20200827_170748
.exe windows:4 windows x86 arch:x86

09293916addc93d75427dd172835a317

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Users\Mr.Anderson\Desktop\Vc++ 6.0\27.8.20\CMapEditorCtrl_Demo\Release\MapEd.pdb

Imports

kernel32

GetStartupInfoA
GetCommandLineA
HeapReAlloc
TerminateProcess
HeapSize
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
VirtualQuery
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetEnvironmentVariableA
InterlockedExchange
GetSystemInfo
VirtualProtect
HeapFree
HeapAlloc
RtlUnwind
GetTickCount
GetFileTime
GetFileAttributesA
FileTimeToLocalFileTime
SetErrorMode
CreateFileA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
WritePrivateProfileStringA
FileTimeToSystemTime
RaiseException
GetOEMCP
GetCPInfo
InterlockedIncrement
GlobalFlags
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
CloseHandle
GetCurrentThread
lstrcmpA
GetModuleFileNameA
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
InterlockedDecrement
SetLastError
GlobalFree
MulDiv
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
LoadLibraryA
FreeLibrary
lstrcatA
lstrcmpW
lstrcpynA
GetModuleHandleA
GetProcAddress
CompareStringW
CompareStringA
lstrlenA
lstrcmpiA
GetVersion
MultiByteToWideChar
VirtualAlloc
GetLastError
ExitProcess
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
GetEnvironmentStrings

user32

RegisterClipboardFormatA
GetDCEx
LockWindowUpdate
PostThreadMessageA
SetParent
SetRect
IsRectEmpty
CharNextA
ReleaseCapture
WindowFromPoint
SetCapture
DestroyMenu
wsprintfA
SetRectEmpty
IsZoomed
SetWindowContextHelpId
MapDialogRect
GetDesktopWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
GetMessageA
TranslateMessage
GetActiveWindow
ValidateRect
SetCursor
PostQuitMessage
InflateRect
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
IsWindowEnabled
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemInt
GetDlgItemInt
RegisterWindowMessageA
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
GetFocus
IsWindow
SetFocus
IsChild
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
GetKeyState
DrawStateA
EqualRect
DrawFocusRect
GetClientRect
ScreenToClient
GetDC
ReleaseDC
EnableScrollBar
SetTimer
KillTimer
EnableWindow
LoadCursorA
GetCursorPos
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
IsWindowVisible
UpdateWindow
GetMenu
PostMessageA
GetSubMenu
GetMenuItemID
GetMenuItemCount
GetSysColor
AdjustWindowRectEx
GetParent
DeferWindowPos
GetScrollInfo
SetScrollInfo
RegisterClassA
UnregisterClassA
GetDlgCtrlID
CallWindowProcA
GetWindowLongA
SetWindowLongA
SetWindowPos
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
WinHelpA
CopyAcceleratorTableA
GetSysColorBrush
DefWindowProcA
GetClassInfoA
DrawIcon
SendMessageA
IsIconic
InvalidateRect
LoadIconA
InSendMessage
CreateWindowExA
ShowWindow
GetSystemMetrics
MessageBoxA
LoadStringA
LoadBitmapA
CharUpperA
GetWindow
PtInRect
CopyRect
GetWindowRect
GetWindowPlacement
SystemParametersInfoA
IntersectRect
OffsetRect

gdi32

CreateRectRgnIndirect
SetRectRgn
CombineRgn
GetMapMode
PatBlt
GetTextMetricsA
GetTextExtentPoint32A
GetTextColor
GetRgnBox
GetStockObject
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutA
TextOutA
RectVisible
GetBkColor
CreatePen
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
DeleteObject
IntersectClipRect
ExcludeClipRect
SetMapMode
RestoreDC
SaveDC
GetDeviceCaps
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
BitBlt
Polyline
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
PtVisible

msimg32

TransparentBlt

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

comctl32

ord17

shlwapi

PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

oledlg

ord8

ole32

StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
StgCreateDocfileOnILockBytes
CoTaskMemFree
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CoTaskMemAlloc
OleInitialize

oleaut32

VariantClear
VariantChangeType
VariantInit
SysAllocStringLen
SysFreeString
SysStringLen
SysAllocStringByteLen
VariantCopy
SafeArrayDestroy
SystemTimeToVariantTime
SysAllocString
OleCreateFontIndirect

Sections

.text
Size: 240KB - Virtual size: 237KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 164KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
E2-20200827_061428
.exe windows:4 windows x86 arch:x86

728863fc38c099d9a98a78ba9c6ed2fb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Users\Mr.Anderson\Desktop\2005\27.8.20\Forti\Release\Forti.pdb

Imports

kernel32

GetLastError
VirtualAlloc
ExitProcess
CompareStringW
CompareStringA
SetEndOfFile
GetLocaleInfoW
CreateProcessA
InterlockedIncrement
InterlockedDecrement
Sleep
InterlockedExchange
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
FileTimeToSystemTime
FileTimeToLocalFileTime
FindFirstFileA
FindNextFileA
FindClose
GetTimeFormatA
GetDateFormatA
HeapFree
RtlUnwind
HeapAlloc
RaiseException
GetCommandLineA
GetVersionExA
GetProcessHeap
GetStartupInfoA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
GetCPInfo
CloseHandle
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
WriteFile
GetConsoleCP
GetConsoleMode
GetACP
GetOEMCP
GetProcAddress
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
GetCurrentThread
GetTimeZoneInformation
ReadFile
GetFileAttributesA
HeapDestroy
HeapCreate
VirtualFree
FatalAppExitA
HeapReAlloc
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
FlushFileBuffers
HeapSize
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
SetConsoleCtrlHandler
SetStdHandle
CreateFileA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FreeLibrary
LoadLibraryA
GetExitCodeProcess
WaitForSingleObject
SetEnvironmentVariableA

user32

SendMessageA
InSendMessage
CreateWindowExA
ShowWindow

Sections

.text
Size: 256KB - Virtual size: 252KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 108KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
E2-20200827_090615
.exe windows:5 windows x86 arch:x86

e825205454d6587faa691258aee1077e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Users\Mr.Anderson\Desktop\2008\27.8.20\Forti\Release\Forti.pdb

Imports

kernel32

GetLastError
VirtualAlloc
ExitProcess
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoA
InterlockedCompareExchange
Sleep
InterlockedExchange
GetSystemTimeAsFileTime

user32

SendMessageA
InSendMessage
CreateWindowExA
ShowWindow

msvcp90

?eof@?$char_traits@D@std@@SAHXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ
?flags@ios_base@std@@QBEHXZ
?width@ios_base@std@@QBEHXZ
?length@?$char_traits@D@std@@SAIPBD@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?good@ios_base@std@@QBE_NXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?uncaught_exception@std@@YA_NXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?width@ios_base@std@@QAEHH@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHPBDH@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?eq_int_type@?$char_traits@D@std@@SA_NABH0@Z

msvcr90

strchr
??3@YAXPAX@Z
_findclose
_findnext64i32
fwrite
printf
fputc
fgetc
strftime
_localtime64
fread
strlen
putchar
free
sscanf
__CxxFrameHandler3
strcmp
??2@YAPAXI@Z
_wcslwr
malloc
_amsg_exit
__getmainargs
_cexit
_exit
_XcptFilter
_ismbblead
exit
_acmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_encode_pointer
__set_app_type
_crt_debugger_hook
?terminate@@YAXXZ
_unlock
__dllonexit
_lock
_onexit
_decode_pointer
_except_handler4_common
_invoke_watson
_controlfp_s
strcpy
strcat
_findfirst64i32
fopen
ftell
fseek
fclose
strncpy
system

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 659KB - Virtual size: 658KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
E2-20200827_145402
.exe windows:4 windows x86 arch:x86

9821125889256d10b70df5fe67bc1d33

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlUnwind
HeapAlloc
GetStartupInfoA
GetCommandLineA
RaiseException
HeapFree
TerminateProcess
HeapSize
HeapReAlloc
GetACP
LCMapStringA
LCMapStringW
Sleep
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
InterlockedExchange
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetCurrentProcess
SetErrorMode
WritePrivateProfileStringA
GetOEMCP
GetCPInfo
GetProcessVersion
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
LocalFree
GlobalFree
CloseHandle
GetModuleFileNameA
GlobalAlloc
lstrcmpA
GetCurrentThread
lstrcpynA
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
GlobalLock
GlobalUnlock
MulDiv
SetLastError
FindResourceA
LoadResource
LockResource
GetVersion
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
GetProcAddress
lstrcatA
lstrlenA
WinExec
lstrcpyA
GetWindowsDirectoryA
LoadLibraryA
FreeLibrary
VirtualAlloc
GetLastError
FreeEnvironmentStringsA
ExitProcess

user32

GetFocus
DispatchMessageA
PeekMessageA
MapWindowPoints
SendDlgItemMessageA
UpdateWindow
TabbedTextOutA
DrawTextA
GrayStringA
IsDialogMessageA
SetWindowTextA
IsWindowEnabled
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
LoadBitmapA
GetMenuCheckMarkDimensions
GetCursorPos
LoadStringA
PostQuitMessage
ValidateRect
TranslateMessage
GetMessageA
CreateDialogIndirectParamA
EndDialog
GetClassNameA
GetSysColorBrush
SetActiveWindow
SetFocus
AdjustWindowRectEx
IsWindowVisible
GetTopWindow
MessageBoxA
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetMenuItemID
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
DefWindowProcA
DestroyWindow
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowPos
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
LoadCursorA
CopyIcon
IsWindow
GetMessagePos
ScreenToClient
PtInRect
SetTimer
MessageBeep
SetWindowLongA
KillTimer
ShowWindow
CreateWindowExA
InSendMessage
LoadIconA
EnableWindow
LoadImageA
GetIconInfo
GetDC
CreateIconIndirect
ReleaseDC
FillRect
DrawStateA
GetClientRect
CopyRect
FrameRect
InflateRect
GetSysColor
OffsetRect
DrawFocusRect
GetWindowRect
GetSubMenu
TrackPopupMenuEx
PostMessageA
ClientToScreen
WindowFromPoint
GetActiveWindow
InvalidateRect
SetCursor
GetParent
GetNextDlgTabItem
SendMessageA
GetWindowLongA
DestroyIcon
DestroyCursor
DestroyMenu
UnhookWindowsHookEx
UnregisterClassA

gdi32

SetBkMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
MoveToEx
LineTo
SetTextColor
GetDeviceCaps
CreatePen
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
RestoreDC
SaveDC
DeleteDC
BitBlt
GetClipBox
GetTextExtentPoint32A
CreateFontIndirectA
GetObjectA
GetPixel
SetPixel
CreateBitmap
DeleteObject
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
GetStockObject
SetBkColor

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueA
RegCloseKey

shell32

ShellExecuteExA
ShellExecuteA

comctl32

_TrackMouseEvent
ord17

Sections

.text
Size: 180KB - Virtual size: 176KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 436KB - Virtual size: 435KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
E2-20200827_162454
.exe windows:4 windows x86 arch:x86

d8d8d40631f0cad1db2bbf50773785f8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord3831
ord3825
ord3079
ord4080
ord4627
ord4424
ord3574
ord640
ord809
ord609
ord323
ord556
ord567
ord825
ord3663
ord3626
ord2414
ord5785
ord4275
ord4284
ord2379
ord2405
ord5053
ord5981
ord2864
ord800
ord3874
ord540
ord4133
ord4297
ord5788
ord472
ord283
ord5875
ord2859
ord613
ord1641
ord1640
ord6880
ord289
ord1146
ord2122
ord4160
ord6358
ord1088
ord2567
ord4673
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord3830
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord561
ord815
ord2514
ord641
ord5265
ord4376
ord4853
ord4998
ord6052
ord1775
ord4407
ord5280
ord4425
ord3597
ord1168
ord324
ord2302
ord4234
ord537
ord4710
ord6453
ord3619
ord3721
ord795
ord2614
ord2860
ord6199
ord3797
ord2754
ord858
ord535
ord6197
ord6605
ord941
ord5572
ord2915
ord1200
ord926
ord2818
ord860
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord2124
ord2446
ord5261
ord1727
ord5065
ord3749
ord6376
ord2055
ord2648
ord4441
ord4837
ord3798
ord4353
ord6374
ord5163
ord5241
ord4396
ord1776
ord4078
ord6055
ord3571
ord3402
ord5277
ord5290
ord2385
ord1089
ord2575
ord1576

msvcrt

_except_handler3
_setmbcp
__CxxFrameHandler
_EH_prolog
memset
strlen
_ftol
_mbsnbcpy
_wcslwr
malloc
_mbsstr
__dllonexit
_onexit
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp

kernel32

GetStartupInfoA
GetModuleHandleA
ExitProcess
GetLastError
VirtualAlloc
FreeLibrary
LoadLibraryA
GetWindowsDirectoryA
lstrcpyA
WinExec
lstrlenA
GetProcAddress
lstrcatA

user32

LoadIconA
InSendMessage
CreateWindowExA
ShowWindow
KillTimer
SetWindowLongA
GetIconInfo
SetTimer
PtInRect
ScreenToClient
GetMessagePos
IsWindow
CopyIcon
LoadCursorA
GetDC
CreateIconIndirect
EnableWindow
FillRect
DrawStateA
GetClientRect
CopyRect
FrameRect
InflateRect
GetSysColor
OffsetRect
DrawFocusRect
GetWindowRect
GetSubMenu
TrackPopupMenuEx
PostMessageA
ClientToScreen
WindowFromPoint
GetActiveWindow
InvalidateRect
LoadMenuA
ReleaseDC
LoadImageA
SetCursor
GetParent
GetNextDlgTabItem
SendMessageA
GetWindowLongA
DestroyIcon
DestroyCursor
DestroyMenu
MessageBeep

gdi32

GetTextExtentPoint32A
CreateFontIndirectA
GetObjectA
GetPixel
SetPixel
CreateBitmap
DeleteObject
GetStockObject
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
DeleteDC
SetTextColor
SetBkColor

advapi32

RegQueryValueA
RegOpenKeyExA
RegCloseKey

shell32

ShellExecuteExA
ShellExecuteA

comctl32

_TrackMouseEvent

msvcp60

??1Init@ios_base@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ

Sections

.text
Size: 92KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 428KB - Virtual size: 426KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
E2-20200827_163448
.exe windows:4 windows x86 arch:x86

20580d681e86f3cab367f8648b67138d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemInfo
VirtualQuery
GetStartupInfoA
GetCommandLineA
HeapReAlloc
TerminateProcess
HeapSize
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
VirtualProtect
GetFileType
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
HeapFree
HeapAlloc
RtlUnwind
SetErrorMode
GetCurrentProcess
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
WritePrivateProfileStringA
RaiseException
GetOEMCP
GetCPInfo
InterlockedIncrement
GlobalFlags
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
CloseHandle
GetCurrentThread
lstrcmpA
GetModuleFileNameA
ConvertDefaultLocale
EnumResourceLanguagesA
InterlockedDecrement
GlobalFree
GlobalAlloc
FormatMessageA
LocalFree
GlobalLock
GlobalUnlock
MulDiv
SetLastError
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpW
lstrcpynA
GetModuleHandleA
GetProcAddress
lstrcmpiA
GetVersion
MultiByteToWideChar
GetWindowsDirectoryA
LoadLibraryA
FreeLibrary
lstrcatA
lstrlenA
WinExec
lstrcpyA
VirtualAlloc
GetLastError
ExitProcess
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
SetHandleCount
InterlockedExchange

user32

GetSysColorBrush
wsprintfA
GetDesktopWindow
CreateDialogIndirectParamA
EndDialog
GetMessageA
TranslateMessage
ValidateRect
PostQuitMessage
GetCursorPos
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
IsWindowEnabled
SetWindowTextA
IsDialogMessageA
GetMenuState
EndPaint
BeginPaint
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
RegisterWindowMessageA
WinHelpA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
GetFocus
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetLastActivePopup
SetActiveWindow
DispatchMessageA
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
PeekMessageA
MapWindowPoints
MessageBoxA
GetKeyState
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetMenu
GetMenuItemID
GetMenuItemCount
AdjustWindowRectEx
DestroyIcon
DrawStateA
ReleaseDC
CreateIconIndirect
GetDC
GetIconInfo
GetSysColor
CopyRect
InflateRect
OffsetRect
FillRect
FrameRect
DrawFocusRect
SendMessageA
GetClassInfoA
RegisterClassA
UnregisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
GetWindow
SetWindowLongA
LoadCursorA
CopyIcon
MessageBeep
IsWindow
GetMessagePos
KillTimer
SetTimer
GetForegroundWindow
GetWindowRect
GetClientRect
ClientToScreen
InvalidateRect
GetActiveWindow
GetNextDlgTabItem
GetParent
WindowFromPoint
EnableWindow
GetWindowLongA
DestroyMenu
DestroyCursor
SetCursor
PostMessageA
TrackPopupMenuEx
GetSubMenu
LoadImageA
ScreenToClient
PtInRect
ShowWindow
CreateWindowExA
InSendMessage
LoadIconA
GetCapture

gdi32

GetDeviceCaps
CreatePen
CreateSolidBrush
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
DeleteObject
MoveToEx
LineTo
SetMapMode
SetBkMode
RestoreDC
SaveDC
GetClipBox
GetTextExtentPoint32A
CreateFontIndirectA
CreateCompatibleBitmap
GetObjectA
GetPixel
SetPixel
CreateBitmap
CreateCompatibleDC
SelectObject
SetBkColor
BitBlt
SetTextColor
DeleteDC
GetStockObject

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegQueryValueA
RegOpenKeyExA
RegOpenKeyA
RegQueryValueExA
RegDeleteKeyA
RegEnumKeyA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

shell32

ShellExecuteA
ShellExecuteExA

comctl32

_TrackMouseEvent
ord17

shlwapi

PathFindFileNameA
PathFindExtensionA

oleaut32

VariantClear
VariantChangeType
VariantInit

Sections

.text
Size: 168KB - Virtual size: 166KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 444KB - Virtual size: 440KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
E2-20200827_170621
.exe windows:4 windows x86 arch:x86

09293916addc93d75427dd172835a317

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Users\Mr.Anderson\Desktop\Vc++ 6.0\27.8.20\CMapEditorCtrl_Demo\Release\MapEd.pdb

Imports

kernel32

GetStartupInfoA
GetCommandLineA
HeapReAlloc
TerminateProcess
HeapSize
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
VirtualQuery
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetEnvironmentVariableA
InterlockedExchange
GetSystemInfo
VirtualProtect
HeapFree
HeapAlloc
RtlUnwind
GetTickCount
GetFileTime
GetFileAttributesA
FileTimeToLocalFileTime
SetErrorMode
CreateFileA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
WritePrivateProfileStringA
FileTimeToSystemTime
RaiseException
GetOEMCP
GetCPInfo
InterlockedIncrement
GlobalFlags
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
CloseHandle
GetCurrentThread
lstrcmpA
GetModuleFileNameA
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
InterlockedDecrement
SetLastError
GlobalFree
MulDiv
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
LoadLibraryA
FreeLibrary
lstrcatA
lstrcmpW
lstrcpynA
GetModuleHandleA
GetProcAddress
CompareStringW
CompareStringA
lstrlenA
lstrcmpiA
GetVersion
MultiByteToWideChar
VirtualAlloc
GetLastError
ExitProcess
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
GetEnvironmentStrings

user32

RegisterClipboardFormatA
GetDCEx
LockWindowUpdate
PostThreadMessageA
SetParent
SetRect
IsRectEmpty
CharNextA
ReleaseCapture
WindowFromPoint
SetCapture
DestroyMenu
wsprintfA
SetRectEmpty
IsZoomed
SetWindowContextHelpId
MapDialogRect
GetDesktopWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
GetMessageA
TranslateMessage
GetActiveWindow
ValidateRect
SetCursor
PostQuitMessage
InflateRect
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
IsWindowEnabled
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemInt
GetDlgItemInt
RegisterWindowMessageA
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
GetFocus
IsWindow
SetFocus
IsChild
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
GetKeyState
DrawStateA
EqualRect
DrawFocusRect
GetClientRect
ScreenToClient
GetDC
ReleaseDC
EnableScrollBar
SetTimer
KillTimer
EnableWindow
LoadCursorA
GetCursorPos
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
IsWindowVisible
UpdateWindow
GetMenu
PostMessageA
GetSubMenu
GetMenuItemID
GetMenuItemCount
GetSysColor
AdjustWindowRectEx
GetParent
DeferWindowPos
GetScrollInfo
SetScrollInfo
RegisterClassA
UnregisterClassA
GetDlgCtrlID
CallWindowProcA
GetWindowLongA
SetWindowLongA
SetWindowPos
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
WinHelpA
CopyAcceleratorTableA
GetSysColorBrush
DefWindowProcA
GetClassInfoA
DrawIcon
SendMessageA
IsIconic
InvalidateRect
LoadIconA
InSendMessage
CreateWindowExA
ShowWindow
GetSystemMetrics
MessageBoxA
LoadStringA
LoadBitmapA
CharUpperA
GetWindow
PtInRect
CopyRect
GetWindowRect
GetWindowPlacement
SystemParametersInfoA
IntersectRect
OffsetRect

gdi32

CreateRectRgnIndirect
SetRectRgn
CombineRgn
GetMapMode
PatBlt
GetTextMetricsA
GetTextExtentPoint32A
GetTextColor
GetRgnBox
GetStockObject
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutA
TextOutA
RectVisible
GetBkColor
CreatePen
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
DeleteObject
IntersectClipRect
ExcludeClipRect
SetMapMode
RestoreDC
SaveDC
GetDeviceCaps
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
BitBlt
Polyline
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
PtVisible

msimg32

TransparentBlt

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

comctl32

ord17

shlwapi

PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

oledlg

ord8

ole32

StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
StgCreateDocfileOnILockBytes
CoTaskMemFree
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CoTaskMemAlloc
OleInitialize

oleaut32

VariantClear
VariantChangeType
VariantInit
SysAllocStringLen
SysFreeString
SysStringLen
SysAllocStringByteLen
VariantCopy
SafeArrayDestroy
SystemTimeToVariantTime
SysAllocString
OleCreateFontIndirect

Sections

.text
Size: 240KB - Virtual size: 237KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 164KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
E3-20200827_061531
.exe windows:4 windows x86 arch:x86

728863fc38c099d9a98a78ba9c6ed2fb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Users\Mr.Anderson\Desktop\2005\27.8.20\Forti\Release\Forti.pdb

Imports

kernel32

GetLastError
VirtualAlloc
ExitProcess
CompareStringW
CompareStringA
SetEndOfFile
GetLocaleInfoW
CreateProcessA
InterlockedIncrement
InterlockedDecrement
Sleep
InterlockedExchange
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
FileTimeToSystemTime
FileTimeToLocalFileTime
FindFirstFileA
FindNextFileA
FindClose
GetTimeFormatA
GetDateFormatA
HeapFree
RtlUnwind
HeapAlloc
RaiseException
GetCommandLineA
GetVersionExA
GetProcessHeap
GetStartupInfoA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
GetCPInfo
CloseHandle
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
WriteFile
GetConsoleCP
GetConsoleMode
GetACP
GetOEMCP
GetProcAddress
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
GetCurrentThread
GetTimeZoneInformation
ReadFile
GetFileAttributesA
HeapDestroy
HeapCreate
VirtualFree
FatalAppExitA
HeapReAlloc
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
FlushFileBuffers
HeapSize
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
SetConsoleCtrlHandler
SetStdHandle
CreateFileA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FreeLibrary
LoadLibraryA
GetExitCodeProcess
WaitForSingleObject
SetEnvironmentVariableA

user32

SendMessageA
InSendMessage
CreateWindowExA
ShowWindow

Sections

.text
Size: 256KB - Virtual size: 252KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 108KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
E3-20200827_090928
.exe windows:5 windows x86 arch:x86

e825205454d6587faa691258aee1077e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Users\Mr.Anderson\Desktop\2008\27.8.20\Forti\Release\Forti.pdb

Imports

kernel32

GetLastError
VirtualAlloc
ExitProcess
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoA
InterlockedCompareExchange
Sleep
InterlockedExchange
GetSystemTimeAsFileTime

user32

SendMessageA
InSendMessage
CreateWindowExA
ShowWindow

msvcp90

?eof@?$char_traits@D@std@@SAHXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ
?flags@ios_base@std@@QBEHXZ
?width@ios_base@std@@QBEHXZ
?length@?$char_traits@D@std@@SAIPBD@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?good@ios_base@std@@QBE_NXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?uncaught_exception@std@@YA_NXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?width@ios_base@std@@QAEHH@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHPBDH@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?eq_int_type@?$char_traits@D@std@@SA_NABH0@Z

msvcr90

strchr
??3@YAXPAX@Z
_findclose
_findnext64i32
fwrite
printf
fputc
fgetc
strftime
_localtime64
fread
strlen
putchar
free
sscanf
__CxxFrameHandler3
strcmp
??2@YAPAXI@Z
_wcslwr
malloc
_amsg_exit
__getmainargs
_cexit
_exit
_XcptFilter
_ismbblead
exit
_acmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_encode_pointer
__set_app_type
_crt_debugger_hook
?terminate@@YAXXZ
_unlock
__dllonexit
_lock
_onexit
_decode_pointer
_except_handler4_common
_invoke_watson
_controlfp_s
strcpy
strcat
_findfirst64i32
fopen
ftell
fseek
fclose
strncpy
system

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 659KB - Virtual size: 659KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
E3-20200827_145656
.exe windows:4 windows x86 arch:x86

9821125889256d10b70df5fe67bc1d33

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlUnwind
HeapAlloc
GetStartupInfoA
GetCommandLineA
RaiseException
HeapFree
TerminateProcess
HeapSize
HeapReAlloc
GetACP
LCMapStringA
LCMapStringW
Sleep
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
InterlockedExchange
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetCurrentProcess
SetErrorMode
WritePrivateProfileStringA
GetOEMCP
GetCPInfo
GetProcessVersion
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
LocalFree
GlobalFree
CloseHandle
GetModuleFileNameA
GlobalAlloc
lstrcmpA
GetCurrentThread
lstrcpynA
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
GlobalLock
GlobalUnlock
MulDiv
SetLastError
FindResourceA
LoadResource
LockResource
GetVersion
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
GetProcAddress
lstrcatA
lstrlenA
WinExec
lstrcpyA
GetWindowsDirectoryA
LoadLibraryA
FreeLibrary
VirtualAlloc
GetLastError
FreeEnvironmentStringsA
ExitProcess

user32

GetFocus
DispatchMessageA
PeekMessageA
MapWindowPoints
SendDlgItemMessageA
UpdateWindow
TabbedTextOutA
DrawTextA
GrayStringA
IsDialogMessageA
SetWindowTextA
IsWindowEnabled
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
LoadBitmapA
GetMenuCheckMarkDimensions
GetCursorPos
LoadStringA
PostQuitMessage
ValidateRect
TranslateMessage
GetMessageA
CreateDialogIndirectParamA
EndDialog
GetClassNameA
GetSysColorBrush
SetActiveWindow
SetFocus
AdjustWindowRectEx
IsWindowVisible
GetTopWindow
MessageBoxA
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetMenuItemID
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
DefWindowProcA
DestroyWindow
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowPos
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
LoadCursorA
CopyIcon
IsWindow
GetMessagePos
ScreenToClient
PtInRect
SetTimer
MessageBeep
SetWindowLongA
KillTimer
ShowWindow
CreateWindowExA
InSendMessage
LoadIconA
EnableWindow
LoadImageA
GetIconInfo
GetDC
CreateIconIndirect
ReleaseDC
FillRect
DrawStateA
GetClientRect
CopyRect
FrameRect
InflateRect
GetSysColor
OffsetRect
DrawFocusRect
GetWindowRect
GetSubMenu
TrackPopupMenuEx
PostMessageA
ClientToScreen
WindowFromPoint
GetActiveWindow
InvalidateRect
SetCursor
GetParent
GetNextDlgTabItem
SendMessageA
GetWindowLongA
DestroyIcon
DestroyCursor
DestroyMenu
UnhookWindowsHookEx
UnregisterClassA

gdi32

SetBkMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
MoveToEx
LineTo
SetTextColor
GetDeviceCaps
CreatePen
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
RestoreDC
SaveDC
DeleteDC
BitBlt
GetClipBox
GetTextExtentPoint32A
CreateFontIndirectA
GetObjectA
GetPixel
SetPixel
CreateBitmap
DeleteObject
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
GetStockObject
SetBkColor

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueA
RegCloseKey

shell32

ShellExecuteExA
ShellExecuteA

comctl32

_TrackMouseEvent
ord17

Sections

.text
Size: 180KB - Virtual size: 176KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 440KB - Virtual size: 436KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
E3-20200827_161903
.exe windows:4 windows x86 arch:x86

d8d8d40631f0cad1db2bbf50773785f8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord3831
ord3825
ord3079
ord4080
ord4627
ord4424
ord3574
ord640
ord809
ord609
ord323
ord556
ord567
ord825
ord3663
ord3626
ord2414
ord5785
ord4275
ord4284
ord2379
ord2405
ord5053
ord5981
ord2864
ord800
ord3874
ord540
ord4133
ord4297
ord5788
ord472
ord283
ord5875
ord2859
ord613
ord1641
ord1640
ord6880
ord289
ord1146
ord2122
ord4160
ord6358
ord1088
ord2567
ord4673
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord3830
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord561
ord815
ord2514
ord641
ord5265
ord4376
ord4853
ord4998
ord6052
ord1775
ord4407
ord5280
ord4425
ord3597
ord1168
ord324
ord2302
ord4234
ord537
ord4710
ord6453
ord3619
ord3721
ord795
ord2614
ord2860
ord6199
ord3797
ord2754
ord858
ord535
ord6197
ord6605
ord941
ord5572
ord2915
ord1200
ord926
ord2818
ord860
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord2124
ord2446
ord5261
ord1727
ord5065
ord3749
ord6376
ord2055
ord2648
ord4441
ord4837
ord3798
ord4353
ord6374
ord5163
ord5241
ord4396
ord1776
ord4078
ord6055
ord3571
ord3402
ord5277
ord5290
ord2385
ord1089
ord2575
ord1576

msvcrt

_except_handler3
_setmbcp
__CxxFrameHandler
_EH_prolog
memset
strlen
_ftol
_mbsnbcpy
_wcslwr
malloc
_mbsstr
__dllonexit
_onexit
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp

kernel32

GetStartupInfoA
GetModuleHandleA
ExitProcess
GetLastError
VirtualAlloc
FreeLibrary
LoadLibraryA
GetWindowsDirectoryA
lstrcpyA
WinExec
lstrlenA
GetProcAddress
lstrcatA

user32

LoadIconA
InSendMessage
CreateWindowExA
ShowWindow
KillTimer
SetWindowLongA
GetIconInfo
SetTimer
PtInRect
ScreenToClient
GetMessagePos
IsWindow
CopyIcon
LoadCursorA
GetDC
CreateIconIndirect
EnableWindow
FillRect
DrawStateA
GetClientRect
CopyRect
FrameRect
InflateRect
GetSysColor
OffsetRect
DrawFocusRect
GetWindowRect
GetSubMenu
TrackPopupMenuEx
PostMessageA
ClientToScreen
WindowFromPoint
GetActiveWindow
InvalidateRect
LoadMenuA
ReleaseDC
LoadImageA
SetCursor
GetParent
GetNextDlgTabItem
SendMessageA
GetWindowLongA
DestroyIcon
DestroyCursor
DestroyMenu
MessageBeep

gdi32

GetTextExtentPoint32A
CreateFontIndirectA
GetObjectA
GetPixel
SetPixel
CreateBitmap
DeleteObject
GetStockObject
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
DeleteDC
SetTextColor
SetBkColor

advapi32

RegQueryValueA
RegOpenKeyExA
RegCloseKey

shell32

ShellExecuteExA
ShellExecuteA

comctl32

_TrackMouseEvent

msvcp60

??1Init@ios_base@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ

Sections

.text
Size: 96KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 428KB - Virtual size: 426KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
E3-20200827_163630
.exe windows:4 windows x86 arch:x86

20580d681e86f3cab367f8648b67138d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemInfo
VirtualQuery
GetStartupInfoA
GetCommandLineA
HeapReAlloc
TerminateProcess
HeapSize
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
VirtualProtect
GetFileType
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
HeapFree
HeapAlloc
RtlUnwind
SetErrorMode
GetCurrentProcess
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
WritePrivateProfileStringA
RaiseException
GetOEMCP
GetCPInfo
InterlockedIncrement
GlobalFlags
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
CloseHandle
GetCurrentThread
lstrcmpA
GetModuleFileNameA
ConvertDefaultLocale
EnumResourceLanguagesA
InterlockedDecrement
GlobalFree
GlobalAlloc
FormatMessageA
LocalFree
GlobalLock
GlobalUnlock
MulDiv
SetLastError
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpW
lstrcpynA
GetModuleHandleA
GetProcAddress
lstrcmpiA
GetVersion
MultiByteToWideChar
GetWindowsDirectoryA
LoadLibraryA
FreeLibrary
lstrcatA
lstrlenA
WinExec
lstrcpyA
VirtualAlloc
GetLastError
ExitProcess
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
SetHandleCount
InterlockedExchange

user32

GetSysColorBrush
wsprintfA
GetDesktopWindow
CreateDialogIndirectParamA
EndDialog
GetMessageA
TranslateMessage
ValidateRect
PostQuitMessage
GetCursorPos
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
IsWindowEnabled
SetWindowTextA
IsDialogMessageA
GetMenuState
EndPaint
BeginPaint
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
RegisterWindowMessageA
WinHelpA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
GetFocus
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetLastActivePopup
SetActiveWindow
DispatchMessageA
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
PeekMessageA
MapWindowPoints
MessageBoxA
GetKeyState
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetMenu
GetMenuItemID
GetMenuItemCount
AdjustWindowRectEx
DestroyIcon
DrawStateA
ReleaseDC
CreateIconIndirect
GetDC
GetIconInfo
GetSysColor
CopyRect
InflateRect
OffsetRect
FillRect
FrameRect
DrawFocusRect
SendMessageA
GetClassInfoA
RegisterClassA
UnregisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
GetWindow
SetWindowLongA
LoadCursorA
CopyIcon
MessageBeep
IsWindow
GetMessagePos
KillTimer
SetTimer
GetForegroundWindow
GetWindowRect
GetClientRect
ClientToScreen
InvalidateRect
GetActiveWindow
GetNextDlgTabItem
GetParent
WindowFromPoint
EnableWindow
GetWindowLongA
DestroyMenu
DestroyCursor
SetCursor
PostMessageA
TrackPopupMenuEx
GetSubMenu
LoadImageA
ScreenToClient
PtInRect
ShowWindow
CreateWindowExA
InSendMessage
LoadIconA
GetCapture

gdi32

GetDeviceCaps
CreatePen
CreateSolidBrush
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
DeleteObject
MoveToEx
LineTo
SetMapMode
SetBkMode
RestoreDC
SaveDC
GetClipBox
GetTextExtentPoint32A
CreateFontIndirectA
CreateCompatibleBitmap
GetObjectA
GetPixel
SetPixel
CreateBitmap
CreateCompatibleDC
SelectObject
SetBkColor
BitBlt
SetTextColor
DeleteDC
GetStockObject

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegQueryValueA
RegOpenKeyExA
RegOpenKeyA
RegQueryValueExA
RegDeleteKeyA
RegEnumKeyA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

shell32

ShellExecuteA
ShellExecuteExA

comctl32

_TrackMouseEvent
ord17

shlwapi

PathFindFileNameA
PathFindExtensionA

oleaut32

VariantClear
VariantChangeType
VariantInit

Sections

.text
Size: 168KB - Virtual size: 166KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 444KB - Virtual size: 440KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
E3-20200827_170815
.exe windows:4 windows x86 arch:x86

09293916addc93d75427dd172835a317

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Users\Mr.Anderson\Desktop\Vc++ 6.0\27.8.20\CMapEditorCtrl_Demo\Release\MapEd.pdb

Imports

kernel32

GetStartupInfoA
GetCommandLineA
HeapReAlloc
TerminateProcess
HeapSize
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
VirtualQuery
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetEnvironmentVariableA
InterlockedExchange
GetSystemInfo
VirtualProtect
HeapFree
HeapAlloc
RtlUnwind
GetTickCount
GetFileTime
GetFileAttributesA
FileTimeToLocalFileTime
SetErrorMode
CreateFileA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
WritePrivateProfileStringA
FileTimeToSystemTime
RaiseException
GetOEMCP
GetCPInfo
InterlockedIncrement
GlobalFlags
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
CloseHandle
GetCurrentThread
lstrcmpA
GetModuleFileNameA
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
InterlockedDecrement
SetLastError
GlobalFree
MulDiv
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
LoadLibraryA
FreeLibrary
lstrcatA
lstrcmpW
lstrcpynA
GetModuleHandleA
GetProcAddress
CompareStringW
CompareStringA
lstrlenA
lstrcmpiA
GetVersion
MultiByteToWideChar
VirtualAlloc
GetLastError
ExitProcess
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
GetEnvironmentStrings

user32

RegisterClipboardFormatA
GetDCEx
LockWindowUpdate
PostThreadMessageA
SetParent
SetRect
IsRectEmpty
CharNextA
ReleaseCapture
WindowFromPoint
SetCapture
DestroyMenu
wsprintfA
SetRectEmpty
IsZoomed
SetWindowContextHelpId
MapDialogRect
GetDesktopWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
GetMessageA
TranslateMessage
GetActiveWindow
ValidateRect
SetCursor
PostQuitMessage
InflateRect
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
IsWindowEnabled
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemInt
GetDlgItemInt
RegisterWindowMessageA
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
GetFocus
IsWindow
SetFocus
IsChild
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
GetKeyState
DrawStateA
EqualRect
DrawFocusRect
GetClientRect
ScreenToClient
GetDC
ReleaseDC
EnableScrollBar
SetTimer
KillTimer
EnableWindow
LoadCursorA
GetCursorPos
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
IsWindowVisible
UpdateWindow
GetMenu
PostMessageA
GetSubMenu
GetMenuItemID
GetMenuItemCount
GetSysColor
AdjustWindowRectEx
GetParent
DeferWindowPos
GetScrollInfo
SetScrollInfo
RegisterClassA
UnregisterClassA
GetDlgCtrlID
CallWindowProcA
GetWindowLongA
SetWindowLongA
SetWindowPos
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
WinHelpA
CopyAcceleratorTableA
GetSysColorBrush
DefWindowProcA
GetClassInfoA
DrawIcon
SendMessageA
IsIconic
InvalidateRect
LoadIconA
InSendMessage
CreateWindowExA
ShowWindow
GetSystemMetrics
MessageBoxA
LoadStringA
LoadBitmapA
CharUpperA
GetWindow
PtInRect
CopyRect
GetWindowRect
GetWindowPlacement
SystemParametersInfoA
IntersectRect
OffsetRect

gdi32

CreateRectRgnIndirect
SetRectRgn
CombineRgn
GetMapMode
PatBlt
GetTextMetricsA
GetTextExtentPoint32A
GetTextColor
GetRgnBox
GetStockObject
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutA
TextOutA
RectVisible
GetBkColor
CreatePen
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
DeleteObject
IntersectClipRect
ExcludeClipRect
SetMapMode
RestoreDC
SaveDC
GetDeviceCaps
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
BitBlt
Polyline
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
PtVisible

msimg32

TransparentBlt

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

comctl32

ord17

shlwapi

PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

oledlg

ord8

ole32

StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
StgCreateDocfileOnILockBytes
CoTaskMemFree
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CoTaskMemAlloc
OleInitialize

oleaut32

VariantClear
VariantChangeType
VariantInit
SysAllocStringLen
SysFreeString
SysStringLen
SysAllocStringByteLen
VariantCopy
SafeArrayDestroy
SystemTimeToVariantTime
SysAllocString
OleCreateFontIndirect

Sections

.text
Size: 240KB - Virtual size: 237KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 164KB - Virtual size: 161KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

728863fc38c099d9a98a78ba9c6ed2fb

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

Sections

.text Size: 256KB - Virtual size: 252KB

.rdata Size: 32KB - Virtual size: 28KB

.data Size: 8KB - Virtual size: 15KB

.idata Size: 4KB - Virtual size: 3KB

.rsrc Size: 108KB - Virtual size: 105KB

e825205454d6587faa691258aee1077e

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

msvcp90

msvcr90

Sections

.text Size: 33KB - Virtual size: 33KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 659KB - Virtual size: 658KB

.reloc Size: 5KB - Virtual size: 4KB

e825205454d6587faa691258aee1077e

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

msvcp90

msvcr90

Sections

.text Size: 33KB - Virtual size: 33KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 157KB - Virtual size: 157KB

.reloc Size: 5KB - Virtual size: 4KB

9821125889256d10b70df5fe67bc1d33

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

comctl32

Sections

.text Size: 180KB - Virtual size: 176KB

.rdata Size: 28KB - Virtual size: 25KB

.data Size: 8KB - Virtual size: 27KB

.rsrc Size: 436KB - Virtual size: 435KB

d8d8d40631f0cad1db2bbf50773785f8

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

user32

gdi32

advapi32

shell32

comctl32

msvcp60

Sections

.text
Size: 256KB - Virtual size: 252KB

.rdata
Size: 32KB - Virtual size: 28KB

.data
Size: 8KB - Virtual size: 15KB

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 108KB - Virtual size: 105KB

.text
Size: 33KB - Virtual size: 33KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 659KB - Virtual size: 658KB

.reloc
Size: 5KB - Virtual size: 4KB

.text
Size: 33KB - Virtual size: 33KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 157KB - Virtual size: 157KB

.reloc
Size: 5KB - Virtual size: 4KB

.text
Size: 180KB - Virtual size: 176KB

.rdata
Size: 28KB - Virtual size: 25KB

.data
Size: 8KB - Virtual size: 27KB

.rsrc
Size: 436KB - Virtual size: 435KB

.text
Size: 92KB - Virtual size: 90KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 4KB - Virtual size: 6KB

.rsrc
Size: 428KB - Virtual size: 426KB

.text
Size: 168KB - Virtual size: 166KB

.rdata
Size: 32KB - Virtual size: 30KB

.data
Size: 8KB - Virtual size: 25KB

.rsrc
Size: 444KB - Virtual size: 440KB

.text
Size: 240KB - Virtual size: 237KB

.rdata
Size: 48KB - Virtual size: 45KB

.data
Size: 12KB - Virtual size: 27KB

.rsrc
Size: 164KB - Virtual size: 160KB

.text
Size: 256KB - Virtual size: 252KB

.rdata
Size: 32KB - Virtual size: 28KB

.data
Size: 8KB - Virtual size: 15KB

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 108KB - Virtual size: 105KB

.text
Size: 33KB - Virtual size: 33KB

.rdata
Size: 5KB - Virtual size: 4KB