Tweak Pack[.]rar

Sharing

Copy URL Twitter E-mail

General

Target

Tweak Pack.rar
Size

3.1MB
MD5

8bf1b1fd4e4dff7f3d878e8e7182a6bd
SHA1

8f7e691e24bc7d148b02040d27d6f7a605e8a5f6
SHA256

e8d703b18d3414500e79e89f2ddba867502528f1db5083976e871e82b27a3ad0
SHA512

2f6fbc824b2d3608846a643953d7c1613a0adc8e6bd75763545f3e9e53b501fb85f75dfe196cd67fdec0c6d5faf3472de6265bacd46a27c022c985350677a0a8
SSDEEP

98304:kgEB/uJrs5VXgyKAIkvVWdLcfvwJSQPCDfc8Mc42:kg8/ukgyYkvccwFCfBMcZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 8 IoCs

Checks for missing Authenticode signature.

resource
unpack002/$PLUGINSDIR/ExecCmd.dll
unpack002/$PLUGINSDIR/InstallOptions.dll
unpack002/$PLUGINSDIR/ShellExecAsUser.dll
unpack002/$PLUGINSDIR/System.dll
unpack002/$PLUGINSDIR/nsDialogs.dll
unpack002/BugTrapU-x64.dll
unpack003/$PLUGINSDIR/ExecCmd.dll
unpack003/$PLUGINSDIR/System.dll

NSIS installer 4 IoCs

installer

resource	yara_rule
static1/unpack001/Tweak Pack/0 Mouse Delay/XMouseButtonControlSetup.2.20.5.exe	nsis_installer_1
static1/unpack001/Tweak Pack/0 Mouse Delay/XMouseButtonControlSetup.2.20.5.exe	nsis_installer_2
static1/unpack002/uninstaller.exe	nsis_installer_1
static1/unpack002/uninstaller.exe	nsis_installer_2

Files

Tweak Pack.rar
.rar
Tweak Pack/! READ BEFORE YOU DO ANYTHING !.txt
Tweak Pack/0 Mouse Delay/XMOUSE SETTINGS.png
.png
Tweak Pack/0 Mouse Delay/XMouseButtonControlSetup.2.20.5.exe
.exe windows:4 windows x86 arch:x86

b1a57b635b23ffd553b3fd1e0960b2bd

Code Sign

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

31/05/2021, 06:43

Not After

17/09/2029, 06:43

Subject

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

3d:a5:ca:7c:85:af:e6:68:8f:93:68:ae:a4:98:59:23
Certificate

Issuer

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

04/04/2023, 12:39

Not After

03/04/2024, 12:39

Subject

CN=Open Source Developer\, Phillip Gibbons,O=Open Source Developer,ST=Berkshire,C=GB,1.2.840.113549.1.9.1=#0c127068696c406869676872657a2e636f2e756b

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2b:d4:ae:70:b9:d0:63:5b:2a:e9:84:c8:d6:74:aa:30
Certificate

Issuer

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

28/07/2022, 08:56

Not After

27/07/2033, 08:56

Subject

CN=Certum Timestamp 2022,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

99:a3:80:0a:26:55:3b:65:ab:dc:6e:84:a6:b3:ea:39
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19/05/2021, 05:32

Not After

18/05/2036, 05:32

Subject

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19/05/2021, 05:32

Not After

18/05/2036, 05:32

Subject

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1b:51:25:86:af:62:b1:0f:b3:4f:04:0b:21:fe:86:b5:d7:76:3b:fb
Signer

Actual PE Digest

1b:51:25:86:af:62:b1:0f:b3:4f:04:0b:21:fe:86:b5:d7:76:3b:fb

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
SetFileAttributesA
CompareFileTime
SearchPathA
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
GetWindowsDirectoryA
Sleep
lstrcmpiA
lstrlenA
GetVersion
SetErrorMode
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
GetLastError
CreateDirectoryA
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrcatA
GetSystemDirectoryA
WaitForSingleObject
SetFileTime
CloseHandle
GlobalFree
lstrcmpA
ExpandEnvironmentStringsA
GetExitCodeProcess
GlobalAlloc
GetCommandLineA
GetTempPathA
GetProcAddress
FindFirstFileA
FindNextFileA
DeleteFileA
SetFilePointer
ReadFile
FindClose
GetPrivateProfileStringA
WritePrivateProfileStringA
WriteFile
MulDiv
MultiByteToWideChar
LoadLibraryExA
GetModuleHandleA
FreeLibrary

user32

SetCursor
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
EndDialog
ScreenToClient
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetForegroundWindow
GetWindowLongA
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
ExitWindowsEx
SetTimer
PostQuitMessage
SetWindowLongA
SendMessageTimeoutA
LoadImageA
wsprintfA
GetDlgItem
FindWindowExA
IsWindow
SetClipboardData
EmptyClipboard
OpenClipboard
EndPaint
CreateDialogParamA
DestroyWindow
ShowWindow
SetWindowTextA

gdi32

SelectObject
SetBkMode
CreateFontIndirectA
SetTextColor
DeleteObject
GetDeviceCaps
CreateBrushIndirect
SetBkColor

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
SHFileOperationA
ShellExecuteA

advapi32

RegDeleteValueA
SetFileSecurityA
RegOpenKeyExA
RegDeleteKeyA
RegEnumValueA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegEnumKeyA

comctl32

ImageList_AddMasked
ImageList_Destroy
ImageList_Create
ord17

ole32

OleUninitialize
OleInitialize
CoTaskMemFree
CoCreateInstance

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 52KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ExecCmd.dll
.dll windows:4 windows x86 arch:x86

bf44c9fb48bb8c36b3e2527e7252350d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeLibrary
OpenProcess
CloseHandle
GetProcAddress
LoadLibraryA
GetVersionExA
GlobalFree
TerminateProcess
GetExitCodeProcess
WaitForSingleObject
Sleep
CreateProcessA
GlobalAlloc
GetExitCodeThread
lstrcpyA
lstrcpynA
CreateThread
lstrcatA
GetEnvironmentVariableA
lstrcmpiA

user32

SendMessageA
EnumWindows
WaitForInputIdle
wsprintfA
GetWindowThreadProcessId

Exports

Exports

exec
wait

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 802B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 142B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 200B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

738dc9bb91549f627cf1953c2000e1d6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentDirectoryA
MultiByteToWideChar
SetCurrentDirectoryA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetModuleHandleA
lstrcmpiA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
GlobalAlloc
GlobalUnlock
GlobalLock

user32

GetDlgCtrlID
CloseClipboard
GetClipboardData
MapWindowPoints
LoadCursorA
GetClientRect
SetWindowRgn
LoadIconA
GetWindowLongA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
SetCursor
PtInRect
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
EnableMenuItem
DrawTextA
GetSystemMenu
OpenClipboard
LoadImageA

gdi32

SetTextColor
DeleteObject
CombineRgn
CreateRectRgn
GetDIBits
SelectObject
CreateCompatibleDC
GetObjectA

shell32

SHGetPathFromIDListA
ShellExecuteA
SHBrowseForFolderA
SHGetDesktopFolder

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ShellExecAsUser.dll
.dll windows:4 windows x86 arch:x86

fb89301642ac2a39aefdd3cc2610ed81

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentProcess
CloseHandle
WaitForSingleObject
OutputDebugStringA
MultiByteToWideChar
lstrlenA
GetModuleHandleA
lstrcmpA
SetEvent
GlobalFree
lstrcpyA
GetProcAddress
CreateEventA
GetVersionExA

user32

CreateWindowExA
PostMessageA
GetMessageA
SetWindowLongA
RegisterClassExA
TranslateMessage
DispatchMessageA
DefWindowProcA
DestroyWindow
GetWindowLongA
PostQuitMessage
wsprintfA

advapi32

GetTokenInformation
OpenProcessToken

shell32

ShellExecuteA

ole32

CoInitialize
CoUninitialize
CoCreateInstance

oleaut32

SysAllocString
VariantClear
SysAllocStringLen
SysFreeString

shlwapi

ord176

msvcrt

malloc
_initterm
free
_beginthreadex
??2@YAPAXI@Z
??3@YAXPAX@Z
memset
_adjust_fdiv

Exports

Exports

ShellExecAsUser

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 732B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 426B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

f2ac1ab587d5531d5f1bf76c094aef4c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

MultiByteToWideChar
GlobalFree
GlobalSize
GetLastError
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
GlobalAlloc
lstrlenA
WideCharToMultiByte
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 510B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-wizard.bmp
$PLUGINSDIR/nsDialogs.dll
.dll windows:4 windows x86 arch:x86

f03b2bab186574d8892d3d73fa9fd3fd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFileAttributesA
lstrcmpiA
MulDiv
lstrlenA
lstrcpyA
GetCurrentDirectoryA
HeapFree
HeapAlloc
HeapReAlloc
GlobalFree
lstrcpynA
GlobalAlloc
SetCurrentDirectoryA
GetProcessHeap

user32

DestroyWindow
CallWindowProcA
SetCursor
LoadCursorA
GetPropA
CharPrevA
MapWindowPoints
GetWindowLongA
DrawTextA
GetClientRect
GetDlgItem
SetWindowLongA
SetWindowPos
CreateDialogParamA
MapDialogRect
GetWindowRect
SetPropA
CreateWindowExA
IsWindow
SetTimer
KillTimer
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
ShowWindow
wsprintfA
CharNextA
SendMessageA
RemovePropA
DrawFocusRect
GetWindowTextA

gdi32

SetTextColor

shell32

SHBrowseForFolderA
SHGetPathFromIDListA

comdlg32

GetSaveFileNameA
GetOpenFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

Create
CreateControl
CreateItem
CreateTimer
GetUserData
KillTimer
OnBack
OnChange
OnClick
OnNotify
SelectFileDialog
SelectFolderDialog
SetRTL
SetUserData
Show

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BugTrapU-x64.dll
.dll windows:6 windows x64 arch:x64

bce0ab64d2b0769ad1d26a0d18fc1cdd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\projects\bugtrap\bin\BugTrapU-x64.pdb

Imports

ws2_32

gethostbyname
inet_ntoa
WSASocketW
WSASend
WSAGetOverlappedResult
WSAEventSelect
WSAEnumNetworkEvents
WSAGetLastError
shutdown
setsockopt
inet_addr
htons
connect
closesocket
WSACleanup
WSAStartup
gethostname

comctl32

InitCommonControlsEx
ImageList_LoadImageW
ImageList_Destroy

shlwapi

PathRemoveBackslashW
PathRemoveExtensionW
PathSkipRootW
PathFindNextComponentW
PathIsURLW
PathAddExtensionW
PathIsRootW
PathRemoveFileSpecW
UrlIsW
PathCreateFromUrlW
PathAppendW
StrTrimW
StrTrimA
PathIsRelativeW
PathCombineW
PathFindFileNameW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

wininet

HttpEndRequestW
HttpSendRequestExW
HttpOpenRequestW
InternetSetStatusCallbackW
InternetAttemptConnect
InternetWriteFile
InternetConnectW
InternetCloseHandle
InternetOpenW
InternetCrackUrlW
InternetGetLastResponseInfoW

kernel32

GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
Sleep
InitializeCriticalSectionAndSpinCount
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
SetLastError
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
HeapSize
GetModuleFileNameW
CreateFileW
WriteFile
CloseHandle
CopyFileW
FindClose
FindFirstFileW
FindNextFileW
RaiseException
SetEvent
WaitForSingleObject
MultiByteToWideChar
GetFileSize
ReadFile
SetFilePointer
GetStringTypeA
MulDiv
FreeLibrary
GetProcAddress
LoadLibraryW
GetProfileIntW
WideCharToMultiByte
GetLastError
GetCurrentProcessId
OpenProcess
GetVersionExW
GetModuleHandleW
DeleteCriticalSection
GetStdHandle
IsProcessorFeaturePresent
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
WriteConsoleW
SetEndOfFile
GetLocalTime
VirtualProtect
VirtualQuery
GetModuleHandleA
RtlCaptureContext
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetCommandLineW
GetCurrentDirectoryW
DeleteFileW
GetFileAttributesW
GetCurrentProcess
GetCurrentThread
GetCurrentThreadId
SuspendThread
ResumeThread
GetThreadContext
GlobalMemoryStatusEx
GetSystemInfo
ReadProcessMemory
LocalAlloc
LocalFree
FormatMessageW
GetComputerNameW
SystemTimeToFileTime
GetDateFormatW
GetTimeFormatW
SetUnhandledExceptionFilter
CreateEventW
TerminateProcess
CreateProcessW
DisableThreadLibraryCalls
GetUserDefaultLangID
GetTempPathW
ResetEvent
GetExitCodeThread
LocalReAlloc
WaitForMultipleObjects
CreateDirectoryW
RemoveDirectoryW
GetTickCount
GetStringTypeW
GetWindowsDirectoryW
IsDBCSLeadByte
IsDebuggerPresent
HeapAlloc
EncodePointer
DecodePointer
HeapFree
CreateThread
ExitThread
LoadLibraryExW
RtlUnwindEx
GetCommandLineA
GetSystemTimeAsFileTime
ExitProcess
GetModuleHandleExW
AreFileApisANSI
GetProcessHeap
GetFileType
GetModuleFileNameA
QueryPerformanceCounter
GetConsoleMode
ReadConsoleW
SetFilePointerEx
GetConsoleCP
LCMapStringW
HeapReAlloc
SetStdHandle
OutputDebugStringW
FlushFileBuffers

user32

GetCapture
SetCapture
ReleaseCapture
DrawFocusRect
PtInRect
GetDialogBaseUnits
SetScrollPos
IsWindowVisible
IsZoomed
DrawEdge
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
MapWindowPoints
TabbedTextOutW
GetTabbedTextExtentW
EnumDisplayDevicesW
SendMessageTimeoutW
GetActiveWindow
GetSystemMenu
AppendMenuW
GetForegroundWindow
GetWindowThreadProcessId
DrawTextW
GetWindow
GetClassLongPtrW
LoadCursorW
DestroyIcon
DrawIconEx
CopyIcon
GetMessageW
GetFocus
ScreenToClient
GetWindowRect
CreateDialogParamW
SetWindowPos
MessageBoxW
SetForegroundWindow
LoadImageW
SetWindowLongW
GetWindowLongW
CheckRadioButton
ShowWindow
UpdateWindow
IsWindowEnabled
EnableWindow
DialogBoxParamW
DestroyWindow
CreateWindowExW
GetClientRect
InvalidateRect
GetSystemMetrics
LoadStringW
GetSysColor
SetWindowTextW
GetDlgCtrlID
GetWindowTextLengthW
SendMessageW
GetParent
GetWindowTextW
SetFocus
SetDlgItemTextW
GetDlgItem
EndDialog
IsChild
GetMessagePos
SystemParametersInfoW
GetScrollInfo
SetScrollInfo
GetScrollPos
ScrollWindowEx
ReleaseDC
GetDC
GetKeyState
GetWindowLongPtrW
IsRectEmpty
FillRect
GetSysColorBrush
RedrawWindow
EndPaint
BeginPaint
KillTimer
SetTimer
DefWindowProcW
SetWindowLongPtrW
PostQuitMessage
PostMessageW
LoadIconW
DispatchMessageW
SetCursor

gdi32

CreateDCW
GetDeviceCaps
GetTextExtentPoint32W
TextOutW
MoveToEx
GetObjectW
GetDIBits
CreateFontIndirectW
PatBlt
StretchBlt
GetTextMetricsW
SetTextColor
LineTo
SetViewportOrgEx
SelectObject
GetClipBox
DeleteDC
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
DeleteObject
SetBkColor

comdlg32

GetSaveFileNameW

advapi32

RegEnumValueW
RegEnumKeyExW
GetTokenInformation
AdjustTokenPrivileges
OpenProcessToken
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
GetUserNameW

shell32

ExtractIconExW
SHGetSpecialFolderPathW
SHGetFileInfoW
ShellExecuteW

ole32

StringFromGUID2

oleaut32

GetErrorInfo
SysFreeString

Exports

Exports

BT_AddLogFile
BT_AddRegFile
BT_AppLogEntry
BT_AppLogEntryF
BT_AppLogEntryV
BT_CallCppFilter
BT_CallNetFilter
BT_CallSehFilter
BT_ClearLog
BT_ClearLogFiles
BT_CloseLogFile
BT_CppFilter
BT_DeleteLogFile
BT_ExportRegistryKey
BT_FlushLogFile
BT_GetActivityType
BT_GetAppName
BT_GetAppVersion
BT_GetCustomActivityHandler
BT_GetDialogMessage
BT_GetDumpType
BT_GetExitMode
BT_GetFlags
BT_GetLogEchoMode
BT_GetLogFileEntry
BT_GetLogFileName
BT_GetLogFilesCount
BT_GetLogFlags
BT_GetLogLevel
BT_GetLogSizeInBytes
BT_GetLogSizeInEntries
BT_GetMailProfile
BT_GetModule
BT_GetNotificationEMail
BT_GetPostErrHandler
BT_GetPreErrHandler
BT_GetReportFilePath
BT_GetReportFormat
BT_GetSupportEMail
BT_GetSupportHost
BT_GetSupportPort
BT_GetSupportURL
BT_GetUserMessage
BT_InsLogEntry
BT_InsLogEntryF
BT_InsLogEntryV
BT_InstallSehFilter
BT_InterceptSUEF
BT_MailSnapshot
BT_MailSnapshotEx
BT_NetFilter
BT_OpenLogFile
BT_ReadVersionInfo
BT_SaveSnapshot
BT_SaveSnapshotEx
BT_SehFilter
BT_SendSnapshot
BT_SendSnapshotEx
BT_SetActivityType
BT_SetAppName
BT_SetAppVersion
BT_SetCustomActivityHandler
BT_SetDialogMessage
BT_SetDumpType
BT_SetExitMode
BT_SetFlags
BT_SetLogEchoMode
BT_SetLogFlags
BT_SetLogLevel
BT_SetLogSizeInBytes
BT_SetLogSizeInEntries
BT_SetMailProfile
BT_SetModule
BT_SetNotificationEMail
BT_SetPostErrHandler
BT_SetPreErrHandler
BT_SetReportFilePath
BT_SetReportFormat
BT_SetSupportEMail
BT_SetSupportHost
BT_SetSupportPort
BT_SetSupportServer
BT_SetSupportURL
BT_SetUserMessage
BT_SetUserMessageFromCode
BT_UninstallSehFilter

Sections

.text
Size: 230KB - Virtual size: 230KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
XMouseButtonControl.exe
.exe windows:5 windows x64 arch:x64

78068da28a70bd960404623a154b1bcd

Code Sign

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

31/05/2021, 06:43

Not After

17/09/2029, 06:43

Subject

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

3d:a5:ca:7c:85:af:e6:68:8f:93:68:ae:a4:98:59:23
Certificate

Issuer

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

04/04/2023, 12:39

Not After

03/04/2024, 12:39

Subject

CN=Open Source Developer\, Phillip Gibbons,O=Open Source Developer,ST=Berkshire,C=GB,1.2.840.113549.1.9.1=#0c127068696c406869676872657a2e636f2e756b

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2b:d4:ae:70:b9:d0:63:5b:2a:e9:84:c8:d6:74:aa:30
Certificate

Issuer

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

28/07/2022, 08:56

Not After

27/07/2033, 08:56

Subject

CN=Certum Timestamp 2022,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

99:a3:80:0a:26:55:3b:65:ab:dc:6e:84:a6:b3:ea:39
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19/05/2021, 05:32

Not After

18/05/2036, 05:32

Subject

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19/05/2021, 05:32

Not After

18/05/2036, 05:32

Subject

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

78:c7:ba:fb:6f:a3:88:57:cd:ac:95:77:3e:44:55:8f:42:b1:3e:37
Signer

Actual PE Digest

78:c7:ba:fb:6f:a3:88:57:cd:ac:95:77:3e:44:55:8f:42:b1:3e:37

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

E:\My Documents\Visual Studio 2015\Projects\XMBC\XMouseButtonControl.root\XMBC\Bin\x64\Release\XMouseButtonControlFull.pdb

Imports

psapi

GetModuleFileNameExW
EnumProcessModules
EnumProcesses

dnsapi

DnsFree
DnsQuery_W

wininet

InternetOpenW
InternetOpenUrlW
InternetCloseHandle
DeleteUrlCacheEntryW
InternetReadFile

bugtrapu-x64

BT_CppFilter
BT_CallCppFilter
BT_SehFilter
BT_SetUserMessage

xmousebuttonhook

?GetName@CIcon@@QEAAPEB_WXZ
?GetPosition@CIcon@@QEAA?AUtagPOINT@@XZ
?IsGadget@CIcon@@QEAA_NXZ
?WindowHandle@CIcon@@QEAAPEAUHWND__@@XZ
?SaveIcons@CIconSettings@@QEAAHXZ
??0CGenericThreadLock@@QEAA@PEAU_RTL_CRITICAL_SECTION@@PEB_W_N@Z
??1CGenericThreadLock@@QEAA@XZ
?GetLayerModifierKeys@CSettings@@QEAAPEAVCLayerModifierKeys@@XZ
?GetActions@CApplicationSettings@@QEAA?AW4_ACTIONS@@HH_N@Z
?GetLayerDisabled@CApplicationSettings@@QEAA_NH@Z
?GetLayerDisabledNextPrev@CApplicationSettings@@QEAA_NH_N@Z
?GetAutoSwitchLayer@CApplicationSettings@@QEAAHH@Z
?GetRevertLayer1@CApplicationSettings@@QEAA_NH@Z
?SetActions@CApplicationSettings@@QEAAXHHW4_ACTIONS@@@Z
?SetLayerName@CApplicationSettings@@QEAAXPEB_WH@Z
?SetActionDescription@CApplicationSettings@@QEAAXHHPEB_W@Z
?SetKeystrokes@CApplicationSettings@@QEAAXHHPEB_WHH_N111@Z
?SetLaunchApp@CApplicationSettings@@QEAAXHHPEB_W@Z
?SetMovement2Scroll@CApplicationSettings@@QEAAXHHPEAVCMovement2Scroll@@@Z
?SetChords@CApplicationSettings@@QEAAXHHPEAVCXMBCChords@@@Z
?SetTimedClicks@CApplicationSettings@@QEAAXHHPEAVCXMBCTimedClicks@@@Z
?SetAutoSwitchLayer@CApplicationSettings@@QEAAXHH@Z
?SetAutoSwitchTime@CApplicationSettings@@QEAAXHN@Z
?SetRevertLayer1@CApplicationSettings@@QEAAXH_N@Z
?SetLayerDisabledNextPrev@CApplicationSettings@@QEAAXH_N@Z
?SetLayerDisabled@CApplicationSettings@@QEAAXH_N@Z
?GetLayerName@CApplicationSettings@@QEAAPEA_WH@Z
?GetActionData@CApplicationSettings@@QEAAPEAVCActionData@@HH@Z
?GetAutoSwitchTime@CApplicationSettings@@QEAANH@Z
?RandomiseDelay@CApplicationSettings@@QEAA_NHH@Z
?BlockMouseActive@CApplicationSettings@@QEAA_NHH@Z
?BlockMouse@CApplicationSettings@@QEAA_NHH@Z
?SendKeyWhenActive@CApplicationSettings@@QEAA_NHH@Z
?SendKeyRepeat@CApplicationSettings@@QEAAHHH@Z
?SendKeyAction@CApplicationSettings@@QEAAHHH@Z
?GetKeystrokes@CApplicationSettings@@QEAAPEA_WHH@Z
?GetLaunchApp@CApplicationSettings@@QEAAPEA_WHH@Z
?CopyChords@CApplicationSettings@@QEAAXHHPEAVCXMBCChords@@@Z
?GetChords@CApplicationSettings@@QEAAPEAVCXMBCChords@@HH@Z
?CopyTimedClicks@CApplicationSettings@@QEAAXHHPEAVCXMBCTimedClicks@@@Z
?GetTimedClicks@CApplicationSettings@@QEAAPEAVCXMBCTimedClicks@@HH@Z
??0CApplicationSettings@@QEAA@PEAVCSettings@@_NH@Z
??1CApplicationSettings@@UEAA@XZ
?ChordedAction@CActionData@@SAPEAV1@AEAVCXMBCChords@@@Z
?TimedClicksAction@CActionData@@SAPEAV1@AEAVCXMBCTimedClicks@@@Z
?LogOSDebug@CLogger@@SAXKPEB_WZZ
?ForceSPIMessage@CApplicationSettings@@QEAA_NXZ
?InvertedScrolling@CApplicationSettings@@QEAA_NXZ
?InvertedHorzScrolling@CApplicationSettings@@QEAA_NXZ
?ScrollPages@CApplicationSettings@@QEAA_NXZ
?ScrollLines@CApplicationSettings@@QEAAHXZ
?AdvScrollMethod@CApplicationSettings@@QEAAHXZ
?AdvScrollVertical@CApplicationSettings@@QEAAHXZ
?AdvScrollHorizontal@CApplicationSettings@@QEAAHXZ
?SetAdvScrollMethod@CApplicationSettings@@QEAAXH@Z
?SetAdvScrollVertical@CApplicationSettings@@QEAAXH@Z
?SetAdvScrollHorizontal@CApplicationSettings@@QEAAXH@Z
?SetInvertScrolling@CApplicationSettings@@QEAAX_N@Z
?SetInvertHorzScrolling@CApplicationSettings@@QEAAX_N@Z
?SetScrollPages@CApplicationSettings@@QEAAX_N@Z
?SetScrollLines@CApplicationSettings@@QEAAXH@Z
?SetForceSPIMessage@CApplicationSettings@@QEAAX_N@Z
??0CSettings@@QEAA@_NVCMouseInfo@@@Z
?GetStartupMouseInfo@@YAAEBVCMouseInfo@@XZ
??1CSettings@@UEAA@XZ
?SetSetupWindow@@YAXPEAUHWND__@@@Z
?GetShortName@CApplicationSettings@@QEAAHPEA_WH@Z
?IsEnabled@CApplicationSettings@@QEAA_NXZ
?GetSettingsFile@@YAHPEA_W_K_NAEA_N@Z
?CreateFolder@@YA_NPEB_W@Z
?Load@CSettings@@QEAA_NPEB_WAEA_N_N@Z
?GetCaption@CApplicationSettings@@QEAAPEB_WXZ
?GetClass@CApplicationSettings@@QEAAPEB_WXZ
?GetParentClass@CApplicationSettings@@QEAAPEB_WXZ
?IsCustomWindow@CApplicationSettings@@QEAA_NXZ
?GetMatchType@CApplicationSettings@@QEAAHXZ
?GetUseWindowArea@CApplicationSettings@@QEAA_NXZ
?GetWindowMask@CApplicationSettings@@QEAA?AW4WINDOWMASK@@XZ
?GetFullName@CApplicationSettings@@QEAAPEB_WXZ
?SetApplication@CApplicationSettings@@QEAAXPEB_W@Z
?SetDescription@CApplicationSettings@@QEAAXPEB_W@Z
?SetNoParentFlag@CApplicationSettings@@QEAAX_N@Z
?SetRegExMatching@CApplicationSettings@@QEAAX_N@Z
?GetLogFile@@YAHPEA_W_K_N@Z
?SetDefaultLogFolder@@YA_NPEB_W@Z
?GetDefaultLogFolder@@YA_NPEA_WK@Z
?SetDisableLayerModifier@CApplicationSettings@@QEAAX_N@Z
?SetDisableMouseOver@CApplicationSettings@@QEAAX_N@Z
?SetClipMouse@CApplicationSettings@@QEAAX_N@Z
?SetIgnoreHScroll@CApplicationSettings@@QEAAX_N@Z
?SetIgnoreVScroll@CApplicationSettings@@QEAAX_N@Z
?SetAxisLocking@CApplicationSettings@@QEAAX_N@Z
?SetProfileChangeScript@CApplicationSettings@@QEAAXPEB_W@Z
?EnableProfileScript@CApplicationSettings@@QEAAX_N@Z
?ChangeCursor@CApplicationSettings@@QEAAX_N@Z
?SetMouseSpeed@CApplicationSettings@@QEAAXH@Z
?Index@CIcon@@QEAAIXZ
?OverrideMouseSpeed@CApplicationSettings@@QEAAX_N@Z
?ActivateOnHover@CApplicationSettings@@QEAAX_N@Z
?SetDisableScrollUnderCursor@CApplicationSettings@@QEAAX_N@Z
?SetSwapButtons@CApplicationSettings@@QEAAXW4swapbuttons@@@Z
?SetIgnoreHScrollTime@CApplicationSettings@@QEAAXH@Z
?SetIgnoreVScrollTime@CApplicationSettings@@QEAAXH@Z
?GetProfileChangeScript@CApplicationSettings@@QEAAPEB_WXZ
?IsProfileScriptEnabled@CApplicationSettings@@QEAA_NXZ
?ChangeCursor@CApplicationSettings@@QEAA_NXZ
?GetMouseSpeed@CApplicationSettings@@QEAAHXZ
?ActivateOnHover@CApplicationSettings@@QEAA_NXZ
?GetDisableLayerModifier@CApplicationSettings@@QEAA_NXZ
?AxisLocking@CApplicationSettings@@QEAA_NXZ
?GetDisableMouseOver@CApplicationSettings@@QEAA_NXZ
?IsDefault@CApplicationSettings@@QEAA_NXZ
?GetIgnoreHScrollTime@CApplicationSettings@@QEAAHXZ
?GetIgnoreVScrollTime@CApplicationSettings@@QEAAHXZ
?GetIgnoreHScroll@CApplicationSettings@@QEAA_NXZ
?GetIgnoreVScroll@CApplicationSettings@@QEAA_NXZ
?GetDisableScrollUnderCursor@CApplicationSettings@@QEAA_NXZ
?EnhancePointerPrecision@CApplicationSettings@@QEAA_NXZ
?OverrideMouseSpeed@CApplicationSettings@@QEAA_NXZ
?ClipMouse@CApplicationSettings@@QEAA_NXZ
?SetCursor@CApplicationSettings@@QEAAXPEB_W@Z
?GetCursor@CApplicationSettings@@QEAAPEB_WXZ
?SwapButtons@CApplicationSettings@@QEAA?AW4swapbuttons@@XZ
??1CIcon@@UEAA@XZ
?SetSensitivityX@CMovement2Scroll@@QEAAXH@Z
?SetSensitivityY@CMovement2Scroll@@QEAAXH@Z
?SetAxisLock@CMovement2Scroll@@QEAAXH@Z
?SetStickyBlock@CMovement2Scroll@@QEAAX_N@Z
?SetSticky@CMovement2Scroll@@QEAAX_N@Z
?SetInvertHorizontal@CMovement2Scroll@@QEAAX_N@Z
?SetInvertVertical@CMovement2Scroll@@QEAAX_N@Z
?SetBlockMouse@CMovement2Scroll@@QEAAX_N@Z
?GetActionData@CMovement2Scroll@@QEAAPEAVCActionData@@XZ
?getSensitivityX@CMovement2Scroll@@QEAAHXZ
?getSensitivityY@CMovement2Scroll@@QEAAHXZ
?InvertHorizontal@CMovement2Scroll@@QEAA_NXZ
?InvertVertical@CMovement2Scroll@@QEAA_NXZ
?GetAxisLocked@CMovement2Scroll@@QEAAHXZ
?IsStickyBlock@CMovement2Scroll@@QEAA_NXZ
?IsSticky@CMovement2Scroll@@QEAA_NXZ
?IsButtonBlocked@CMovement2Scroll@@QEAA_NXZ
?SetModifier@CHotkey@@QEAAHG@Z
?SetVirtualKey@CHotkey@@QEAAHG@Z
?IsExtended@CHotkey@@QEAA_NXZ
?GetHotkey@CLayerModifierKeys@@QEAAPEAVCHotkey@@W4ModifierKeys@@@Z
?SetLanguage@CSettings@@QEAAXPEB_W@Z
?GetLanguage@CSettings@@QEAAPEB_WXZ
?SetHotkey@CHotkey@@QEAAHK@Z
?GetVirtualKey@CHotkey@@QEAAGXZ
?GetModifier@CHotkey@@QEAAGXZ
?GetHotkey@CHotKeys@@QEAAPEAVCHotkey@@W4GlobalHotkeys@@@Z
?MaxLayers@CSettings@@QEAA?BHXZ
?GetDescription@CApplicationSettings@@QEAAPEB_WXZ
?GetApplication@CApplicationSettings@@QEAAPEB_WXZ
?GetApplication@CSettings@@QEAAPEAVCApplicationSettings@@H@Z
?GetApplicationCount@CSettings@@QEAAHXZ
?GetDefaultApp@CSettings@@QEAAPEAVCApplicationSettings@@XZ
?NewAction@CActionData@@SAPEAV1@H@Z
?Clear@CActionData@@QEAAXXZ
?GetTimedClicks@CActionData@@QEAAPEAVCXMBCTimedClicks@@XZ
?GetLaunchApp@CXMBCChord@@QEAAPEB_WXZ
?SendKeyAction@CXMBCChord@@QEAAHXZ
?GetKeys@CXMBCChord@@QEAAPEB_WXZ
?GetChords@CActionData@@QEAAPEAVCXMBCChords@@XZ
?GetApplication@CActionData@@QEAAPEA_WXZ
?SetActionData@CXMBCTimedClick@@QEAAXPEAVCActionData@@@Z
?SetEnabled@CXMBCTimedClicks@@QEAAXH_N@Z
?SetReleaseOnUp@CXMBCTimedClicks@@QEAAX_N@Z
?SetAbort2OnMouseMove@CXMBCTimedClicks@@QEAAX_N@Z
?SetAbortOnMouseMove@CXMBCTimedClicks@@QEAAX_N@Z
?SetTime@CXMBCTimedClicks@@QEAAXHH@Z
?SetDescription@CXMBCTimedClicks@@QEAAXPEB_W@Z
?GetTime@CXMBCTimedClicks@@QEAAHH@Z
?GetDescription@CXMBCTimedClicks@@QEAAPEA_WXZ
?GetActionData@CXMBCTimedClick@@QEAAPEAVCActionData@@XZ
?GetTimedClick@CXMBCTimedClicks@@QEAAPEAVCXMBCTimedClick@@H@Z
?GetAction@CXMBCTimedClick@@QEAA?AW4_ACTIONS@@XZ
?GetEnabled@CXMBCTimedClicks@@QEAA_NH@Z
?GetReleaseOnUp@CXMBCTimedClicks@@QEAA_NXZ
?GetAbort2OnMouseMove@CXMBCTimedClicks@@QEAA_NXZ
?GetAbortOnMouseMove@CXMBCTimedClicks@@QEAA_NXZ
?Initialise@CXMBCTimedClicks@@QEAAXW4MouseButtons@@_N@Z
??4CXMBCTimedClicks@@QEAAXPEAV0@@Z
??1CXMBCTimedClicks@@UEAA@XZ
??0CXMBCTimedClicks@@QEAA@XZ
??1CMovement2Scroll@@QEAA@XZ
?SetMovement2Scroll@CActionData@@QEAAXPEAVCMovement2Scroll@@@Z
?GetMovement2Scroll@CActionData@@QEAAPEAVCMovement2Scroll@@XZ
?Copy@CMovement2Scroll@@QEAAXPEAV1@@Z
?SetMatchType@CApplicationSettings@@QEAAXH@Z
?SetWindowMask@CApplicationSettings@@QEAAXW4WINDOWMASK@@@Z
?SetUseWindowArea@CApplicationSettings@@QEAAX_N@Z
?SetWindowArea@CApplicationSettings@@QEAAXUtagRECT@@@Z
?GetIcon@CIconSettings@@QEAAPEAVCIcon@@H@Z
?GetCount@CIconSettings@@QEAAHXZ
?EnhancePointerPrecision@CApplicationSettings@@QEAAX_N@Z
?LoadIcons@CIconSettings@@QEAAHXZ
??0CMovement2Scroll@@QEAA@XZ
?OpenFolderAction@CActionData@@SAPEAV1@PEB_W@Z
?AppAction@CActionData@@SAPEAV1@PEB_W@Z
?KeyAction@CActionData@@SAPEAV1@PEB_WHHH_N1110@Z
?GetDescription@CActionData@@QEAAPEA_WXZ
?RandomiseDelay@CActionData@@QEAA_NXZ
?BlockMouseActive@CActionData@@QEAA_NXZ
?BlockMouse@CActionData@@QEAA_NXZ
?Active@CActionData@@QEAA_NXZ
?KeyRepeat@CActionData@@QEAAHXZ
?KeyAction@CActionData@@QEAAHXZ
?GetKeys@CActionData@@QEAAPEA_WXZ
?SetUnblockTime@CXMBCChords@@QEAAXH@Z
?SetUnblockAfterMovement@CXMBCChords@@QEAAX_N@Z
?SetUnblockAfterDelay@CXMBCChords@@QEAAX_N@Z
?SetDelayUntilChordKnown@CXMBCChords@@QEAAX_N@Z
?SetDescription@CXMBCChords@@QEAAXPEB_W@Z
?SetActionData@CXMBCChord@@QEAAXPEAVCActionData@@@Z
?AddApplication@CSettings@@QEAA_NPEAVCApplicationSettings@@@Z
?NoParent@CApplicationSettings@@QEAA_NXZ
?RegExMatching@CApplicationSettings@@QEAA_NXZ
?GetWindowArea@CApplicationSettings@@QEAA?AUtagRECT@@XZ
?Copy@CApplicationSettings@@QEAAXPEAV1@@Z
?RemoveApplication@CSettings@@QEAA_NPEAVCApplicationSettings@@@Z
?SetDebug@@YAX_NPEB_W@Z
?UpdateSettings@@YA_NXZ
?SetDefaultApp@CSettings@@QEAAXPEAVCApplicationSettings@@@Z
?ClearApplications@CSettings@@QEAAXXZ
?Save@CSettings@@QEAA_NPEB_W@Z
?SavePersistantSettings@@YA_NXZ
?SetEnableFlag@CApplicationSettings@@QEAAX_N@Z
?FlushLog@CLogger@@SAXXZ
?Import@CSettings@@QEAAHPEB_WPEAUHWND__@@0PEAPEAVCApplicationSettings@@@Z
?GetDescription@CXMBCChords@@QEAAPEA_WXZ
?GetActionData@CXMBCChord@@QEAAPEAVCActionData@@XZ
?GetChord@CXMBCChords@@QEAAPEAVCXMBCChord@@W4MouseButtons@@@Z
?GetAction@CXMBCChord@@QEAA?AW4_ACTIONS@@XZ
?UnblockAfterMovement@CXMBCChords@@QEAA_NXZ
?UnblockTime@CXMBCChords@@QEAAHXZ
?UnblockAfterDelay@CXMBCChords@@QEAA_NXZ
?DelayUntilChordKnown@CXMBCChords@@QEAA_NXZ
??4CXMBCChords@@QEAAXPEAV0@@Z
?Export@CSettings@@QEAA_NPEAVCApplicationSettings@@PEB_W@Z
?GetFilename@CSettings@@QEAAPEB_WXZ
?SetSettingsFile@@YAHPEB_W@Z
?GetDefaultSettingsFile@@YAHPEA_W_K@Z
?LoadIcons@CIconSettings@@QEAAHPEB_W@Z
?SaveIcons@CIconSettings@@QEAAHPEB_W@Z
??0CVolumeManager@@QEAA@_NPEB_WK@Z
??1CVolumeManager@@UEAA@XZ
?SetParent@CVolumeManager@@QEAAXPEAUHWND__@@@Z
?ReInitialise@CVolumeManager@@QEAAXXZ
?RemoveListedIcons@CIconSettings@@QEAAHXZ
?AddIcon@CIconSettings@@QEAAHPEAVCIcon@@@Z
??0CIcon@@QEAA@IPEB_WUtagPOINT@@PEAUHWND__@@_N@Z
?ClearIcons@CIconSettings@@QEAAHXZ
?GetDebug@@YA_NXZ
??1CIconSettings@@UEAA@XZ
??0CIconSettings@@QEAA@XZ
?GetHotKeys@CSettings@@QEAAPEAVCHotKeys@@XZ
?SetThreadName@@YAXKPEBD@Z
?SetMaxLayers@CSettings@@QEAA_NH@Z
?RealWindowFromPoint@@YAPEAUHWND__@@AEBUtagPOINT@@@Z
?SetFindHook@@YA_NPEAUHWND__@@@Z
?LeftClickCycleLayer@@YA_NXZ
?NextLayer@@YAXXZ
?PreviousLayer@@YAXXZ
?RemoveFindHook@@YA_NXZ
?GetProfileWindow@@YAPEAUHWND__@@XZ
?WindowFromPointEx@@YAPEAUHWND__@@UtagPOINT@@H@Z
?GetPhysCursorPos@@YAHPEAUtagPOINT@@@Z
?SetActionData@CMovement2Scroll@@QEAAXPEAVCActionData@@@Z
?MaxLayers@@YAHXZ
?CheckVersionEnabled@@YA_NXZ
?CheckVersionDays@@YAHXZ
?GetLastUpdateCheck@@YAHXZ
?LogDebug@CLogger@@SAXPEB_WZZ
?LogMessage@CLogger@@SAXPEB_WZZ
?CheckBetaVersionEnabled@@YA_NXZ
?SetLastUpdateCheck@@YAXH@Z
?GetSettingsFolder@@YAHPEA_W_K@Z
?GetEXEFolder@@YAHPEA_W_K@Z
?get_ResetStickyOnAnyButton@CSettings@@QEAA_NXZ
?get_ResetStickyOnAnyKey@CSettings@@QEAA_NXZ
?get_ResetStickyOnLayerChange@CSettings@@QEAA_NXZ
?get_EnableDebounce@CSettings@@QEAA_NXZ
?get_DebounceTime@CSettings@@QEAAHXZ
?get_DebounceFromUp@CSettings@@QEAA_NXZ
?put_ResetStickyOnAnyButton@CSettings@@QEAAX_N@Z
?put_ResetStickyOnAnyKey@CSettings@@QEAAX_N@Z
?put_ResetStickyOnLayerChange@CSettings@@QEAAX_N@Z
?put_EnableDebounce@CSettings@@QEAAX_N@Z
?put_DebounceTime@CSettings@@QEAAXH@Z
?put_DebounceFromUp@CSettings@@QEAAX_N@Z
?LogOSMessage@CLogger@@SAXKPEB_WZZ
?GetOSVersion@@YA?AW4_ActionOSVersion@@XZ
??1CBrightness@@QEAA@XZ
??0CBrightness@@QEAA@PEAUHWND__@@@Z
?GetAlwaysShowOSD@@YA_NXZ
?SetBrightness@CBrightness@@QEAA_NH@Z
?Action@CActionData@@QEAA?AW4_ACTIONS@@XZ
?LogThreadDebug@CLogger@@SAXPEB_WZZ
??0CXMBCChords@@QEAA@XZ
??1CXMBCChords@@UEAA@XZ
?SetVolume@CVolumeManager@@QEAA_NM@Z
?Notifiction@CVolumeManager@@UEAAXW4VolumeAction@@@Z
??0ExceptionHandlerInstaller@@QEAA@XZ
??1ExceptionHandlerInstaller@@UEAA@XZ
??0InvalidParameterInstaller@@QEAA@_N@Z
??1InvalidParameterInstaller@@QEAA@XZ
?DebugOutput@CLogger@@SAXPEB_WZZ
?DisableLogging@CLogger@@SAX_N@Z
?SetPortable@@YAX_N@Z
?AddFiles@ExceptionHandlerInstaller@@SAXXZ
?DisableBanner@CLogger@@SAXXZ
?GetProcessIntegrityLevel@@YAHKPEAX@Z
?GetHooktimeoutValue@@YAKXZ
??0CCheckCert@@QEAA@XZ
??1CCheckCert@@QEAA@XZ
?VerifyCert@CCheckCert@@QEAA_NPEB_W@Z
?GetOfficeMouse@@YA_NXZ
?SetOfficeMouse@@YAX_N@Z
?GetShowIcon@@YA_NXZ
?IsDesktopLocked@@YA_NXZ
?SetMouseHook@@YA_NXZ
?RemoveMouseHook@@YA_N_N@Z
?GetLanguageFile@@YA_NPEA_WH@Z
?SetHookVolumeOSDWindow@@YAXPEAUHWND__@@@Z
?SetHookBrightnessOSDWindow@@YAXPEAUHWND__@@@Z
?GetLock@CLogger@@SA_NXZ
?ReleaseLock@CLogger@@SAXXZ
?SetHookMainWindow@@YAXPEAUHWND__@@@Z
?GetHooked@@YA_NXZ
?NotificatcionsEnabled@@YA_NXZ
?IsXMBCDisabled@@YA_N_N@Z
?GetEnableOSD@@YA_NXZ
?GetLayername@@YAPEB_WH@Z
?SetCurrentLayer@@YAXH_N00@Z
?GetReinstallOnResume@@YA_NXZ
?DisplayChanged@@YAXXZ
?UpdateCursors@@YAXXZ
?UpdateSPIThread@@YAXXZ
?GetUseWhenDisabled@CHotkey@@QEAAHXZ
?GetHotkeys@@YAPEAVCHotKeys@@XZ
?GetCycleCursorSpeed@@YAHXZ
?CycleCursorSpeed@@YAXXZ
?HookToggleXAxisLock@@YAXXZ
?HookToggleYAxisLock@@YAXXZ
?HookToggleXAxisInvert@@YAXXZ
?HookToggleYAxisInvert@@YAXXZ
?GetCurrentLayer@@YAHXZ

kernel32

OutputDebugStringW
GetStringTypeW
LCMapStringW
GetCPInfo
RtlPcToFileHeader
RtlUnwindEx
ExitThread
FreeLibraryAndExitThread
GetCommandLineA
GetCommandLineW
HeapQueryInformation
VirtualAlloc
VirtualQuery
GetStdHandle
ExitProcess
GetFileType
IsValidLocale
EnumSystemLocalesW
GetTimeZoneInformation
GetDriveTypeW
FindFirstFileExW
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetEnvironmentVariableW
SetStdHandle
GetConsoleCP
GetConsoleMode
SetFilePointerEx
ReadConsoleW
GetStartupInfoW
WriteConsoleW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
WaitForSingleObjectEx
GetUserDefaultLCID
SetErrorMode
DuplicateHandle
UnlockFile
SetFilePointer
SetEndOfFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
FlushFileBuffers
GetCurrentDirectoryW
FindResourceExW
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GetThreadLocale
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GlobalFlags
GetFileTime
GetFileSizeEx
GetFileAttributesExW
GetPrivateProfileIntW
SystemTimeToTzSpecificLocalTime
lstrcmpA
VirtualProtect
LoadLibraryExW
GetSystemDirectoryW
EncodePointer
FormatMessageW
MulDiv
GetCurrentProcessId
GlobalUnlock
GlobalLock
FreeResource
QueryActCtxW
FindActCtxSectionStringW
DeactivateActCtx
ActivateActCtx
CreateActCtxW
GetModuleHandleExW
SetLastError
OutputDebugStringA
GetACP
CopyFileW
MoveFileW
LocalFree
CreateNamedPipeW
LocalAlloc
ReadFile
ConnectNamedPipe
SetThreadPriority
GetCurrentThread
GetSystemInfo
GetProcessId
GetModuleFileNameW
WriteFile
WaitNamedPipeW
CreateFileW
DisconnectNamedPipe
GlobalFree
GlobalAlloc
CreateThread
GetProcessHeap
HeapDestroy
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
HeapFree
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
InitializeCriticalSectionAndSpinCount
WritePrivateProfileStringW
GetPrivateProfileStringW
WriteProcessMemory
ReadProcessMemory
VirtualFreeEx
VirtualAllocEx
OpenProcess
GetCurrentProcess
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
OpenMutexW
CreateMutexW
ReleaseMutex
lstrcmpW
GetModuleHandleW
FileTimeToSystemTime
FileTimeToLocalFileTime
ResetEvent
TerminateThread
SetEvent
ResumeThread
GetExitCodeThread
CloseHandle
CreateEventW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetTickCount
WaitForSingleObject
FindFirstFileW
FindClose
FindNextFileW
FreeLibrary
GetProcAddress
LoadLibraryW
GetVersionExW
GetCurrentThreadId
lstrcpynW
WideCharToMultiByte
Sleep
DeleteFileW
GetFileAttributesW
GetTempPathW
GetLastError
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
SizeofResource

user32

CharUpperW
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableW
CharNextW
RealChildWindowFromPoint
RegisterClipboardFormatW
PostQuitMessage
SetWindowContextHelpId
DestroyMenu
NotifyWinEvent
WindowFromPoint
MapDialogRect
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
IsDialogMessageW
SetDlgItemTextW
MonitorFromWindow
WinHelpW
GetClassLongPtrW
MapWindowPoints
AdjustWindowRectEx
RemovePropW
GetPropW
SetPropW
GetScrollPos
ValidateRect
TrackPopupMenuEx
TrackPopupMenu
SetMenu
GetMenu
IsIconic
IsChild
IsMenu
GetClassInfoW
RegisterClassW
CallWindowProcW
GetMessageTime
GetMessagePos
PeekMessageW
EndPaint
BeginPaint
TabbedTextOutW
GrayStringW
GetMenuStringW
GetLastActivePopup
GetActiveWindow
GetNextDlgTabItem
CreateDialogIndirectParamW
DestroyWindow
SendDlgItemMessageA
GetForegroundWindow
SetCursorPos
GetDoubleClickTime
CheckMenuItem
RemoveMenu
SetActiveWindow
DrawEdge
CreateIconIndirect
GetSystemMenu
GetWindowLongPtrW
EndDialog
GetDlgItem
SetWindowLongPtrW
DialogBoxParamW
DialogBoxIndirectParamW
ShowScrollBar
RegisterWindowMessageW
EnableWindow
MessageBoxW
GetTopWindow
GetWindow
PostMessageW
SendMessageW
GetWindowThreadProcessId
IsWindowVisible
LoadIconW
GetClientRect
FindWindowExW
GetWindowTextW
EnumDesktopWindows
IsWindow
GetWindowRect
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
GetSystemMetrics
GetComboBoxInfo
MoveWindow
GetCapture
GetWindowLongW
SetWindowLongW
DrawStateW
InflateRect
OffsetRect
GetSysColor
GetFocus
FrameRect
GetCursorPos
ScreenToClient
RedrawWindow
InvalidateRect
UpdateWindow
GetParent
GetMonitorInfoW
MonitorFromPoint
CopyRect
SystemParametersInfoW
SetWindowRgn
DestroyIcon
FillRect
GetSysColorBrush
DrawTextExW
DrawIconEx
GetClassNameW
IsRectEmpty
PtInRect
SetRectEmpty
ReleaseCapture
SetFocus
SetCapture
GetDlgCtrlID
EqualRect
GetKeyState
IntersectRect
LoadImageW
SetCursor
LoadCursorW
CallNextHookEx
SetWindowsHookExW
UnhookWindowsHookEx
AnimateWindow
GetIconInfo
KillTimer
SetTimer
GetDC
ReleaseDC
ClientToScreen
GetClassInfoExW
DefWindowProcW
RegisterClassExW
SetParent
GetDesktopWindow
SetRect
DrawFocusRect
GetWindowTextLengthW
SetWindowTextW
IsWindowEnabled
LoadMenuW
GetSubMenu
GetMenuItemCount
GetMenuItemID
ModifyMenuW
EnableMenuItem
GetAsyncKeyState
LoadBitmapW
GetCursor
CreatePopupMenu
AppendMenuW
ShowWindow
GetWindowDC
wsprintfW
RegisterHotKey
UnregisterHotKey
GetMessageW
TranslateMessage
DispatchMessageW
PostThreadMessageW
UnregisterClassW
CreateWindowExW
MessageBeep
SetWindowPos
GetThreadDesktop
FindWindowW
SetLayeredWindowAttributes
DrawTextW
GetAncestor
SetForegroundWindow
LockWindowUpdate
GetScrollBarInfo

gdi32

EnumFontFamiliesExW
GetDIBits
CreateFontW
CreateDIBSection
PatBlt
SetBkMode
Ellipse
DeleteDC
CreateBitmap
SetTextColor
SetBkColor
GetClipBox
Rectangle
CreatePen
GetDeviceCaps
GetTextMetricsW
SelectObject
GetTextExtentPoint32W
CreateCompatibleBitmap
CreateCompatibleDC
SetPixel
SelectClipRgn
SelectClipPath
CreateSolidBrush
GetCurrentObject
GetStockObject
CreateFontIndirectW
DeleteObject
EndPath
BeginPath
CreateRoundRectRgn
CreateRectRgnIndirect
GetObjectW
SetDIBits
OffsetViewportOrgEx
GetRgnBox
GetTextColor
GetBkColor
GetMapMode
ScaleWindowExtEx
ScaleViewportExtEx
BitBlt
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
ExtTextOutW
TextOutW
MoveToEx
GetLayout
SetLayout
SetMapMode
ExtSelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
GetWindowExtEx
GetViewportExtEx
Escape

msimg32

GradientFill
TransparentBlt

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

GetUserNameW
SetSecurityDescriptorDacl
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegEnumKeyW
RegQueryValueW
RegEnumValueW
InitializeSecurityDescriptor

shell32

ShellExecuteW
ExtractIconExW
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetMalloc
Shell_NotifyIconW
ord680
SHGetFolderPathW
FindExecutableW

comctl32

ImageList_ReplaceIcon
ImageList_GetIconSize
_TrackMouseEvent
ImageList_GetIcon
InitCommonControlsEx
ord17

shlwapi

PathFileExistsW
PathRemoveFileSpecW
PathFindExtensionW
PathFindFileNameW
PathIsUNCW
PathStripToRootW

uxtheme

EnableThemeDialogTexture
IsThemeActive
OpenThemeData
CloseThemeData
SetWindowTheme
GetThemePartSize
IsAppThemed
DrawThemeBackground

ole32

CoUninitialize
CoTaskMemFree
CoInitialize
CoRegisterMessageFilter
OleIsCurrentClipboard
OleFlushClipboard
CoRevokeClassObject
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CoCreateGuid
CLSIDFromProgID
CLSIDFromString
CoCreateInstance
CoInitializeEx
CoTaskMemAlloc
CoInitializeSecurity

oleaut32

OleCreateFontIndirect
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
SysAllocString
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SysFreeString

oledlg

OleUIBusyW

urlmon

URLDownloadToFileW

oleacc

CreateStdAccessibleObject
LresultFromObject

Sections

.text
Size: 924KB - Virtual size: 923KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 524KB - Virtual size: 523KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.giats
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
XMouseButtonHook.dll
.dll windows:5 windows x64 arch:x64

83f608f06cf458d15aa5e304360369b7

Code Sign

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

31/05/2021, 06:43

Not After

17/09/2029, 06:43

Subject

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

3d:a5:ca:7c:85:af:e6:68:8f:93:68:ae:a4:98:59:23
Certificate

Issuer

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

04/04/2023, 12:39

Not After

03/04/2024, 12:39

Subject

CN=Open Source Developer\, Phillip Gibbons,O=Open Source Developer,ST=Berkshire,C=GB,1.2.840.113549.1.9.1=#0c127068696c406869676872657a2e636f2e756b

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2b:d4:ae:70:b9:d0:63:5b:2a:e9:84:c8:d6:74:aa:30
Certificate

Issuer

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

28/07/2022, 08:56

Not After

27/07/2033, 08:56

Subject

CN=Certum Timestamp 2022,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

99:a3:80:0a:26:55:3b:65:ab:dc:6e:84:a6:b3:ea:39
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19/05/2021, 05:32

Not After

18/05/2036, 05:32

Subject

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19/05/2021, 05:32

Not After

18/05/2036, 05:32

Subject

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1e:a9:78:57:08:a7:20:9d:f7:bc:c2:4d:02:d3:7c:40:c3:1a:6c:f3
Signer

Actual PE Digest

1e:a9:78:57:08:a7:20:9d:f7:bc:c2:4d:02:d3:7c:40:c3:1a:6c:f3

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

E:\My Documents\Visual Studio 2015\Projects\XMBC\XMouseButtonControl.root\XMBC\Bin\x64\Release\XMouseButtonHookFull.pdb

Imports

psapi

EnumProcesses
EnumProcessModules
GetModuleFileNameExW
GetProcessImageFileNameW

bugtrapu-x64

BT_SetSupportServer
BT_SetSupportURL
BT_SetFlags
BT_SetPreErrHandler
BT_SetPostErrHandler
BT_UninstallSehFilter
BT_SetSupportEMail
BT_SetAppVersion
BT_SetAppName
BT_InstallSehFilter
BT_AddLogFile
BT_CallCppFilter
BT_SetNotificationEMail

msimg32

TransparentBlt

kernel32

WideCharToMultiByte
QueryPerformanceFrequency
QueryPerformanceCounter
Sleep
WaitForSingleObject
CreateEventW
SetEvent
TerminateThread
GetExitCodeThread
SetLastError
ResetEvent
GetCurrentThread
SetThreadPriority
GlobalAlloc
GlobalLock
GlobalUnlock
RaiseException
DecodePointer
GetModuleHandleW
GetVersionExW
GetCurrentProcess
GetProcessId
GetModuleFileNameW
OpenProcess
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
SetPriorityClass
ExitProcess
GetTempPathW
FindFirstFileW
FindClose
GetFileAttributesW
CreateDirectoryW
DeleteTimerQueueTimer
CreateTimerQueueTimer
LocalAlloc
TerminateProcess
GetSystemDirectoryW
SetEndOfFile
ReadFile
SetFilePointerEx
WriteConsoleW
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
GetProcessHeap
ReadConsoleW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetConsoleMode
GetConsoleCP
HeapSize
GetFileType
GetStdHandle
GetACP
GetModuleFileNameA
HeapReAlloc
HeapAlloc
HeapFree
GetModuleHandleExW
FreeLibraryAndExitThread
ResumeThread
ExitThread
CreateThread
InterlockedFlushSList
LoadLibraryExW
RtlUnwindEx
RtlPcToFileHeader
InitializeSListHead
GetCurrentProcessId
GetStartupInfoW
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
WaitForSingleObjectEx
IsDebuggerPresent
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetLocaleInfoW
LCMapStringW
GetFileSizeEx
CompareStringW
GetCPInfo
EncodePointer
GetStringTypeW
MultiByteToWideChar
CreateFileW
LocalFree
FormatMessageW
WriteFile
SetFilePointer
GetTickCount
TryEnterCriticalSection
GetLocalTime
FlushFileBuffers
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
OutputDebugStringW
InitializeCriticalSection
GetComputerNameW
GetCurrentThreadId
FreeLibrary
GetProcAddress
LoadLibraryW
GetLastError
InitializeCriticalSectionAndSpinCount
CloseHandle

user32

AllowSetForegroundWindow
LockSetForegroundWindow
AttachThreadInput
SwitchToThisWindow
FindWindowW
GetFocus
LoadKeyboardLayoutW
GetKeyboardLayoutList
SetCapture
ReleaseCapture
IsChild
GetScrollInfo
SetForegroundWindow
GetMonitorInfoW
MessageBeep
GetClipboardData
SystemParametersInfoW
GetAncestor
GetClassNameW
RegisterWindowMessageW
PostMessageW
DestroyCursor
SetWindowsHookExW
UnhookWindowsHookEx
ClipCursor
UnionRect
GetWindowLongPtrW
EnumDisplayMonitors
LoadImageW
CopyIcon
GetDC
GetSystemMetrics
ReleaseDC
LockWorkStation
ActivateKeyboardLayout
GetWindowTextW
GetGUIThreadInfo
SendMessageTimeoutW
CallNextHookEx
UnloadKeyboardLayout
GetDoubleClickTime
SetWindowPos
GetWindow
GetWindowThreadProcessId
EnumChildWindows
GetWindowLongW
GetParent
IsWindowVisible
PtInRect
IsWindow
MonitorFromPoint
GetDesktopWindow
WindowFromPoint
ChildWindowFromPointEx
ScreenToClient
CopyImage
SetTimer
DispatchMessageW
TranslateMessage
KillTimer
VkKeyScanW
OemKeyScan
VkKeyScanExW
GetKeyboardLayout
CharToOemW
GetKeyState
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
SendMessageW
ShowWindow
FindWindowExW
MessageBoxW
GetMessageW
MapVirtualKeyW
MapVirtualKeyExW
SendInput
GetWindowRect
ClientToScreen
GetForegroundWindow
SetCursorPos
GetCursorPos
PostThreadMessageW
LoadCursorW
SetSystemCursor
DestroyIcon
CreateIconIndirect
DrawIconEx
GetIconInfo
FillRect
GetAsyncKeyState

gdi32

GetDeviceCaps
CreateBitmap
GetDIBits
TextOutW
DeleteDC
CreatePen
Ellipse
Rectangle
GetTextExtentPointW
SetBkColor
RoundRect
DeleteObject
CreateDIBSection
CreateCompatibleDC
SelectObject
CreateSolidBrush
SetBkMode
SetTextColor
CreateFontIndirectW
GetObjectW

advapi32

GetSidSubAuthorityCount
GetSidSubAuthority
GetTokenInformation
OpenProcessToken
RegOpenKeyExW
RegCloseKey
RegCreateKeyExW
RegQueryValueExW
RegDeleteValueW
RegSetValueExW
GetUserNameW

shell32

ShellExecuteExW

ole32

CoUninitialize
CoInitializeEx
CoSetProxyBlanket
CoCreateInstance
CoCreateGuid

oleaut32

VariantClear
SysFreeString
SysAllocString
VariantInit

shlwapi

PathFileExistsW

winmm

timeEndPeriod
timeKillEvent
timeSetEvent
timeGetDevCaps

Exports

Exports

??0CActionData@@AEAA@XZ
??0CActionData@@QEAA@AEBV0@@Z
??0CApplicationSettings@@QEAA@AEBV0@@Z
??0CApplicationSettings@@QEAA@PEAVCSettings@@_NH@Z
??0CAudioNotificationClient@@QEAA@AEBV0@@Z
??0CAudioNotificationClient@@QEAA@PEB_W@Z
??0CAudioThreadLock@@QEAA@PEB_W@Z
??0CBrightness@@QEAA@PEAUHWND__@@@Z
??0CCheckCert@@QEAA@XZ
??0CGenericThreadLock@@QEAA@PEAU_RTL_CRITICAL_SECTION@@PEB_W_N@Z
??0CHotKeys@@QEAA@AEBV0@@Z
??0CHotKeys@@QEAA@XZ
??0CHotkey@@QEAA@AEBV0@@Z
??0CHotkey@@QEAA@H@Z
??0CIcon@@QEAA@AEBV0@@Z
??0CIcon@@QEAA@IPEB_WHHPEAUHWND__@@_N@Z
??0CIcon@@QEAA@IPEB_WUtagPOINT@@PEAUHWND__@@_N@Z
??0CIconSettings@@QEAA@AEBV0@@Z
??0CIconSettings@@QEAA@XZ
??0CInternalVolumeNotification@@QEAA@$$QEAV0@@Z
??0CInternalVolumeNotification@@QEAA@AEBV0@@Z
??0CInternalVolumeNotification@@QEAA@XZ
??0CLayerModifierKeys@@QEAA@AEBV0@@Z
??0CLayerModifierKeys@@QEAA@XZ
??0CLockAxis@@QEAA@AEBV0@@Z
??0CLockAxis@@QEAA@XZ
??0CMouseInfo@@QEAA@QEAH@Z
??0CMouseInfo@@QEAA@XZ
??0CMovement2Scroll@@QEAA@PEAV0@@Z
??0CMovement2Scroll@@QEAA@W4_ACTIONS@@@Z
??0CMovement2Scroll@@QEAA@XZ
??0CMyRegKey@@QEAA@PEB_WPEAUHKEY__@@K@Z
??0CSecureAttentionSequence@@QEAA@XZ
??0CSettings@@QEAA@AEBV0@@Z
??0CSettings@@QEAA@_NVCMouseInfo@@@Z
??0CThreadLock@@QEAA@PEB_W@Z
??0CVolumeManager@@QEAA@AEBV0@@Z
??0CVolumeManager@@QEAA@_NPEB_WK@Z
??0CVolumeNotification@@QEAA@AEBV0@@Z
??0CVolumeNotification@@QEAA@PEAUHWND__@@PEB_W@Z
??0CXMBCChord@@QEAA@AEBV0@@Z
??0CXMBCChord@@QEAA@XZ
??0CXMBCChords@@QEAA@AEAV0@@Z
??0CXMBCChords@@QEAA@XZ
??0CXMBCTimedClick@@QEAA@AEBV0@@Z
??0CXMBCTimedClick@@QEAA@XZ
??0CXMBCTimedClicks@@QEAA@AEAV0@@Z
??0CXMBCTimedClicks@@QEAA@XZ
??0ExceptionHandlerInstaller@@QEAA@AEBV0@@Z
??0ExceptionHandlerInstaller@@QEAA@XZ
??0InvalidParameterInstaller@@QEAA@_N@Z
??1CActionData@@UEAA@XZ
??1CApplicationSettings@@UEAA@XZ
??1CAudioNotificationClient@@AEAA@XZ
??1CAudioThreadLock@@QEAA@XZ
??1CBrightness@@QEAA@XZ
??1CCheckCert@@QEAA@XZ
??1CGenericThreadLock@@QEAA@XZ
??1CHotKeys@@UEAA@XZ
??1CHotkey@@UEAA@XZ
??1CIcon@@UEAA@XZ
??1CIconSettings@@UEAA@XZ
??1CLayerModifierKeys@@UEAA@XZ
??1CLockAxis@@UEAA@XZ
??1CMovement2Scroll@@QEAA@XZ
??1CMyRegKey@@QEAA@XZ
??1CSecureAttentionSequence@@QEAA@XZ
??1CSettings@@UEAA@XZ
??1CThreadLock@@QEAA@XZ
??1CVolumeManager@@UEAA@XZ
??1CVolumeNotification@@UEAA@XZ
??1CXMBCChord@@UEAA@XZ
??1CXMBCChords@@UEAA@XZ
??1CXMBCTimedClick@@UEAA@XZ
??1CXMBCTimedClicks@@UEAA@XZ
??1ExceptionHandlerInstaller@@UEAA@XZ
??1InvalidParameterInstaller@@QEAA@XZ
??4CActionData@@QEAAAEAV0@AEBV0@@Z
??4CApplicationSettings@@QEAAAEAV0@AEBV0@@Z
??4CAudioNotificationClient@@QEAAAEAV0@AEBV0@@Z
??4CAudioThreadLock@@QEAAAEAV0@AEBV0@@Z
??4CBrightness@@QEAAAEAV0@AEBV0@@Z
??4CCheckCert@@QEAAAEAV0@AEBV0@@Z
??4CGenericThreadLock@@QEAAAEAV0@AEBV0@@Z
??4CHotKeys@@QEAAAEAV0@AEBV0@@Z
??4CHotkey@@QEAAAEAV0@AEBV0@@Z
??4CIcon@@QEAAAEAV0@AEBV0@@Z
??4CIconSettings@@QEAAAEAV0@AEBV0@@Z
??4CInternalVolumeNotification@@QEAAAEAV0@$$QEAV0@@Z
??4CInternalVolumeNotification@@QEAAAEAV0@AEBV0@@Z
??4CLayerModifierKeys@@QEAAAEAV0@AEBV0@@Z
??4CLockAxis@@QEAAAEAV0@AEBV0@@Z
??4CLogger@@QEAAAEAV0@$$QEAV0@@Z
??4CLogger@@QEAAAEAV0@AEBV0@@Z
??4CMouseInfo@@QEAAAEAV0@$$QEAV0@@Z
??4CMouseInfo@@QEAAAEAV0@AEBV0@@Z
??4CMovement2Scroll@@QEAAAEAV0@AEBV0@@Z
??4CMyRegKey@@QEAAAEAV0@AEBV0@@Z
??4CSecureAttentionSequence@@QEAAAEAV0@AEBV0@@Z
??4CSettings@@QEAAAEAV0@AEBV0@@Z
??4CThreadLock@@QEAAAEAV0@AEBV0@@Z
??4CVolumeManager@@QEAAAEAV0@AEBV0@@Z
??4CVolumeNotification@@QEAAAEAV0@AEBV0@@Z
??4CXMBCChord@@QEAAXAEAV0@@Z
??4CXMBCChord@@QEAAXPEAV0@@Z
??4CXMBCChords@@QEAAAEAV0@AEAV0@@Z
??4CXMBCChords@@QEAAXPEAV0@@Z
??4CXMBCTimedClick@@QEAAXAEAV0@@Z
??4CXMBCTimedClick@@QEAAXPEAV0@@Z
??4CXMBCTimedClicks@@QEAAAEAV0@AEAV0@@Z
??4CXMBCTimedClicks@@QEAAXPEAV0@@Z
??4ExceptionHandlerInstaller@@QEAAAEAV0@AEBV0@@Z
??4InvalidParameterInstaller@@QEAAAEAV0@AEBV0@@Z
??_7CActionData@@6B@
??_7CApplicationSettings@@6B@
??_7CAudioNotificationClient@@6B@
??_7CHotKeys@@6B@
??_7CHotkey@@6B@
??_7CIcon@@6B@
??_7CIconSettings@@6B@
??_7CInternalVolumeNotification@@6B@
??_7CLayerModifierKeys@@6B@
??_7CLockAxis@@6B@
??_7CSettings@@6B@
??_7CVolumeManager@@6B@
??_7CVolumeNotification@@6B@
??_7CXMBCChord@@6B@
??_7CXMBCChords@@6B@
??_7CXMBCTimedClick@@6B@
??_7CXMBCTimedClicks@@6B@
??_7ExceptionHandlerInstaller@@6B@
??_FInvalidParameterInstaller@@QEAAXXZ
?Abort@CXMBCTimedClicks@@QEAAXUtagPOINT@@_N@Z
?Action@CActionData@@QEAA?AW4_ACTIONS@@XZ
?ActivateOnHover@CApplicationSettings@@QEAAX_N@Z
?ActivateOnHover@CApplicationSettings@@QEAA_NXZ
?Active@CActionData@@QEAA_NXZ
?AddApplication@CSettings@@QEAA_NPEAVCApplicationSettings@@@Z
?AddCallback@CAudioNotificationClient@@QEAAXPEAVCInternalVolumeNotification@@@Z
?AddFiles@ExceptionHandlerInstaller@@SAXXZ
?AddIcon@CIconSettings@@QEAAHPEAVCIcon@@@Z
?AddRef@CAudioNotificationClient@@UEAAKXZ
?AddRef@CVolumeNotification@@UEAAKXZ
?AdvScrollHorizontal@CApplicationSettings@@QEAAHXZ
?AdvScrollMethod@CApplicationSettings@@QEAAHXZ
?AdvScrollVertical@CApplicationSettings@@QEAAHXZ
?AppAction@CActionData@@SAPEAV1@PEB_W@Z
?AxisLocking@CApplicationSettings@@QEAA_NXZ
?BlockMouse@CActionData@@QEAA_NXZ
?BlockMouse@CApplicationSettings@@QEAA_NHH@Z
?BlockMouse@CXMBCChord@@QEAA_NXZ
?BlockMouse@CXMBCTimedClick@@QEAA_NXZ
?BlockMouseActive@CActionData@@QEAA_NXZ
?BlockMouseActive@CApplicationSettings@@QEAA_NHH@Z
?BlockMouseActive@CXMBCChord@@QEAA_NXZ
?BlockMouseActive@CXMBCTimedClick@@QEAA_NXZ
?CalculateKeystrokesWaitHoldTime@CApplicationSettings@@SAHPEB_WH@Z
?CancelChord@CXMBCChord@@QEAAXXZ
?ChangeCursor@CApplicationSettings@@QEAAX_N@Z
?ChangeCursor@CApplicationSettings@@QEAA_NXZ
?ChangeCursor@CLockAxis@@QEAAXPEAVCSPIThread@@PEAUHICON__@@H@Z
?ChangeCursor@CLockAxis@@QEAAXPEAVCSPIThread@@PEAVCApplicationSettings@@H_N2@Z
?ChangeVolume@CVolumeManager@@QEAA_NM@Z
?CheckAbort@CXMBCTimedClicks@@QEAAXUtagPOINT@@@Z
?CheckBetaVersionEnabled@@YA_NXZ
?CheckVersionDays@@YAHXZ
?CheckVersionEnabled@@YA_NXZ
?ChordCancelled@CXMBCChord@@QEAA_NXZ
?ChordedAction@CActionData@@SAPEAV1@AEAVCXMBCChords@@@Z
?ChordingOccurred@CXMBCChord@@QEAA_NXZ
?Clear@CActionData@@QEAAXXZ
?ClearApplications@CSettings@@QEAAXXZ
?ClearChordedFlag@CXMBCChord@@QEAAXXZ
?ClearIcons@CIconSettings@@QEAAHXZ
?ClearString@CApplicationSettings@@SAXAEAPEA_W@Z
?ClipMouse@CApplicationSettings@@QEAA_NXZ
?CloseLogFile@CLogger@@SAX_N@Z
?Copy@CApplicationSettings@@QEAAXPEAV1@@Z
?Copy@CMovement2Scroll@@QEAAXPEAV1@@Z
?CopyChords@CApplicationSettings@@QEAAXHHPEAVCXMBCChords@@@Z
?CopyMovement2Scrolls@CApplicationSettings@@QEAAXHHPEAVCMovement2Scroll@@@Z
?CopyString@CApplicationSettings@@SAPEA_WAEAPEA_WPEB_W_N@Z
?CopyTimedClicks@CApplicationSettings@@QEAAXHHPEAVCXMBCTimedClicks@@@Z
?CreateFolder@@YA_NPEB_W@Z
?CreateKey@CMyRegKey@@QEAAHPEB_WPEAUHKEY__@@@Z
?CustomAction@CActionData@@SAPEAV1@HPEB_WHHH_N11100PEAVCXMBCChords@@PEAVCMovement2Scroll@@PEAVCXMBCTimedClicks@@@Z
?CycleCursorSpeed@@YAXXZ
?DebugEnabled@CLogger@@SA_NXZ
?DebugOutput@CLogger@@SAXPEB_WZZ
?DefaultRepeat@CApplicationSettings@@SAKXZ
?DelayUntilChordKnown@CXMBCChords@@QEAA_NXZ
?DeleteApplications@CSettings@@AEAAX_N@Z
?DeleteCS@CAudioThreadLock@@SAXXZ
?DeleteCS@CThreadLock@@SAXXZ
?DeleteValue@CMyRegKey@@QEAAHPEB_W@Z
?DestroyCursors@CLockAxis@@QEAAXXZ
?DisableBanner@CLogger@@SAXXZ
?DisableLogging@CLogger@@SAX_N@Z
?DisplayChanged@@YAXXZ
?Down@CBrightness@@QEAAXAEBUtagPOINT@@@Z
?EnableDebug@CLogger@@SAX_N@Z
?EnableProfileScript@CApplicationSettings@@QEAAX_N@Z
?EnhancePointerPrecision@CApplicationSettings@@QEAAX_N@Z
?EnhancePointerPrecision@CApplicationSettings@@QEAA_NXZ
?EnhancePointerPrecision@CMouseInfo@@QEAA_NXZ
?EnterCS@CAudioThreadLock@@SA_NPEB_W@Z
?EnterCS@CThreadLock@@SA_NPEB_W@Z
?ExecuteTimer@CXMBCTimedClicks@@QEAAXXZ
?Export@CSettings@@QEAA_NPEAVCApplicationSettings@@PEB_W@Z
?FlushLog@CLogger@@SAXXZ
?ForceSPIMessage@CApplicationSettings@@QEAA_NXZ
?GetAbort2OnMouseMove@CXMBCTimedClicks@@QEAA_NXZ
?GetAbortOnMouseMove@CXMBCTimedClicks@@QEAA_NXZ
?GetAborted@CXMBCTimedClicks@@QEAA_NXZ
?GetAction@CXMBCChord@@QEAA?AW4_ACTIONS@@XZ
?GetAction@CXMBCTimedClick@@QEAA?AW4_ACTIONS@@XZ
?GetActionData@CApplicationSettings@@QEAAPEAVCActionData@@HH@Z
?GetActionData@CMovement2Scroll@@QEAAPEAVCActionData@@XZ
?GetActionData@CXMBCChord@@QEAAPEAVCActionData@@XZ
?GetActionData@CXMBCTimedClick@@QEAAPEAVCActionData@@XZ
?GetActionDescription@CApplicationSettings@@QEAAPEA_WHH@Z
?GetActionString@CApplicationSettings@@AEAA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@W4MouseButtons@@H@Z
?GetActions@CApplicationSettings@@QEAA?AW4_ACTIONS@@HH_N@Z
?GetAlwaysShowOSD@@YA_NXZ
?GetApplication@CActionData@@QEAAPEA_WXZ
?GetApplication@CApplicationSettings@@QEAAPEB_WXZ
?GetApplication@CSettings@@QEAAPEAVCApplicationSettings@@H@Z
?GetApplication@CSettings@@QEAAPEAVCApplicationSettings@@PEB_W@Z
?GetApplicationCount@CSettings@@QEAAHXZ
?GetApplications@CSettings@@QEAAPEAV?$list@PEAVCApplicationSettings@@V?$allocator@PEAVCApplicationSettings@@@std@@@std@@XZ
?GetAutoSwitchLayer@CApplicationSettings@@QEAAHH@Z
?GetAutoSwitchTime@CApplicationSettings@@QEAANH@Z
?GetAxisLocked@CMovement2Scroll@@QEAAHXZ
?GetBrightness@CBrightness@@AEAAHXZ
?GetButtonUpCount@CMovement2Scroll@@QEAAHXZ
?GetCaption@CApplicationSettings@@QEAAPEB_WXZ
?GetChord@CXMBCChords@@QEAAPEAVCXMBCChord@@W4MouseButtons@@@Z
?GetChordButton@CApplicationSettings@@QEAA?AW4MouseButtons@@H@Z
?GetChordSourceButton@CXMBCChord@@QEAA?AW4MouseButtons@@XZ
?GetChordUsed@CXMBCChord@@QEAA_NXZ
?GetChordedButton@CXMBCChord@@QEAA?AW4MouseButtons@@XZ
?GetChords@CActionData@@QEAAPEAVCXMBCChords@@XZ
?GetChords@CApplicationSettings@@QEAAPEAVCXMBCChords@@HH@Z
?GetClass@CApplicationSettings@@QEAAPEB_WXZ
?GetClickAction@CXMBCTimedClicks@@QEAAPEAVCXMBCTimedClick@@XZ
?GetCount@CIconSettings@@QEAAHXZ
?GetCurrentChords@CXMBCChord@@QEAAPEAVCXMBCChords@@XZ
?GetCurrentLayer@@YAHXZ
?GetCurrentProcessName@@YAHPEA_WAEAH@Z
?GetCursor@CApplicationSettings@@QEAAPEB_WXZ
?GetCustomApplications@CSettings@@QEAAPEAV?$list@PEAVCApplicationSettings@@V?$allocator@PEAVCApplicationSettings@@@std@@@std@@XZ
?GetCycleCursorSpeed@@YAHXZ
?GetDebug@@YA_NXZ
?GetDefaultApp@CSettings@@QEAAPEAVCApplicationSettings@@XZ
?GetDefaultLogFolder@@YA_NPEA_WK@Z
?GetDefaultSettingsFile@@YAHPEA_W_K@Z
?GetDescription@CActionData@@QEAAPEA_WXZ
?GetDescription@CApplicationSettings@@QEAAPEB_WXZ
?GetDescription@CXMBCChords@@QEAAPEA_WXZ
?GetDescription@CXMBCTimedClicks@@QEAAPEA_WXZ
?GetDisableLayerModifier@CApplicationSettings@@QEAA_NXZ
?GetDisableMouseOver@CApplicationSettings@@QEAA_NXZ
?GetDisableScrollUnderCursor@CApplicationSettings@@QEAA_NXZ
?GetEXEFolder@@YAHPEA_W_K@Z
?GetEnableOSD@@YA_NXZ
?GetEnabled@CXMBCTimedClicks@@QEAA_NH@Z
?GetFilename@CSettings@@QEAAPEB_WXZ
?GetFullName@CApplicationSettings@@QEAAPEB_WXZ
?GetHooked@@YA_NXZ
?GetHooktimeoutValue@@YAKXZ
?GetHotKeys@CSettings@@QEAAPEAVCHotKeys@@XZ
?GetHotkey@CHotKeys@@QEAAPEAVCHotkey@@W4GlobalHotkeys@@@Z
?GetHotkey@CHotkey@@QEAAKXZ
?GetHotkey@CLayerModifierKeys@@QEAAPEAVCHotkey@@W4ModifierKeys@@@Z
?GetHotkeys@@YAPEAVCHotKeys@@XZ
?GetIcon@CIconSettings@@QEAAPEAVCIcon@@H@Z
?GetIgnoreHScroll@CApplicationSettings@@QEAA_NXZ
?GetIgnoreHScrollTime@CApplicationSettings@@QEAAHXZ
?GetIgnoreVScroll@CApplicationSettings@@QEAA_NXZ
?GetIgnoreVScrollTime@CApplicationSettings@@QEAAHXZ
?GetIndex@CApplicationSettings@@QEAAHXZ
?GetKey@CApplicationSettings@@QEAA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@XZ
?GetKeys@CActionData@@QEAAPEA_WXZ
?GetKeys@CXMBCChord@@QEAAPEB_WXZ
?GetKeys@CXMBCTimedClick@@QEAAPEB_WXZ
?GetKeystrokes@CApplicationSettings@@QEAAPEA_WHH@Z
?GetKeystrokesWaitHoldTime@CActionData@@QEAAHH@Z
?GetKeystrokesWaitHoldTime@CApplicationSettings@@QEAAHHHH@Z
?GetLanguage@CSettings@@QEAAPEB_WXZ
?GetLanguageFile@@YA_NPEA_WH@Z
?GetLastUpdateCheck@@YAHXZ
?GetLaunchApp@CApplicationSettings@@QEAAPEA_WHH@Z
?GetLaunchApp@CXMBCChord@@QEAAPEB_WXZ
?GetLaunchApp@CXMBCTimedClick@@QEAAPEB_WXZ
?GetLayerDisabled@CApplicationSettings@@QEAA_NH@Z
?GetLayerDisabledNextPrev@CApplicationSettings@@QEAA_NH_N@Z
?GetLayerModifierKeys@CSettings@@QEAAPEAVCLayerModifierKeys@@XZ
?GetLayerName@CApplicationSettings@@QEAAPEA_WH@Z
?GetLayername@@YAPEB_WH@Z
?GetLock@CLogger@@SA_NXZ
?GetLogFile@@YAHPEA_W_K_N@Z
?GetLogFolder@@YAHPEA_W_K_N@Z
?GetLogicalCursorPos@@YAHPEAUHWND__@@PEAUtagPOINT@@@Z
?GetMatchType@CApplicationSettings@@QEAAHXZ
?GetModifier@CHotkey@@QEAAGXZ
?GetMouseButton@CMovement2Scroll@@QEAA?AW4MouseButtons@@XZ
?GetMouseInfo@CMouseInfo@@QEAAXAEAY02H@Z
?GetMouseSpeed@CApplicationSettings@@QEAAHXZ
?GetMouseSpeed@CMouseInfo@@QEAAHXZ
?GetMovement2Scroll@CActionData@@QEAAPEAVCMovement2Scroll@@XZ
?GetMovement2Scroll@CApplicationSettings@@QEAAPEAVCMovement2Scroll@@HH@Z
?GetName@CIcon@@QEAAPEB_WXZ
?GetOSVersion@@YA?AW4_ActionOSVersion@@XZ
?GetOfficeMouse@@YA_NXZ
?GetParentClass@CApplicationSettings@@QEAAPEB_WXZ
?GetPhysCursorPos@@YAHPEAUtagPOINT@@@Z
?GetPortable@@YA_NXZ
?GetPosition@CIcon@@QEAA?AUtagPOINT@@XZ
?GetProcessIntegrityLevel@@YAHKPEAX@Z
?GetProcessedDown@CXMBCTimedClick@@QEAA_NXZ
?GetProcessedUp@CXMBCTimedClick@@QEAA_NXZ
?GetProfileChangeScript@CApplicationSettings@@QEAAPEB_WXZ
?GetProfileWindow@@YAPEAUHWND__@@XZ
?GetReinstallOnResume@@YA_NXZ
?GetReleaseOnUp@CXMBCTimedClicks@@QEAA_NXZ
?GetResetKeys@CApplicationSettings@@QEAA_NHH@Z
?GetRevertLayer1@CApplicationSettings@@QEAA_NH@Z
?GetSettings@@YAPEAVCSettings@@XZ
?GetSettingsFile@@YAHPEA_W_K_NAEA_N@Z
?GetSettingsFolder@@YAHPEA_W_K@Z
?GetShortName@CApplicationSettings@@QEAAHPEA_WH@Z
?GetShowIcon@@YA_NXZ
?GetStartupMouseInfo@@YAAEBVCMouseInfo@@XZ
?GetStuckKeys@CApplicationSettings@@QEAAPEB_WHH@Z
?GetTime@CXMBCTimedClicks@@QEAAHH@Z
?GetTimedClick@CXMBCTimedClicks@@QEAAPEAVCXMBCTimedClick@@H@Z
?GetTimedClicks@CActionData@@QEAAPEAVCXMBCTimedClicks@@XZ
?GetTimedClicks@CApplicationSettings@@QEAAPEAVCXMBCTimedClicks@@HH@Z
?GetUseWhenDisabled@CHotkey@@QEAAHXZ
?GetUseWindowArea@CApplicationSettings@@QEAA_NXZ
?GetValue@CMyRegKey@@QEAAHPEB_WPEAK@Z
?GetValue@CMyRegKey@@QEAAHPEB_WPEAKPEAPEAE1@Z
?GetValue@CMyRegKey@@QEAAHPEB_WPEA_WK@Z
?GetVirtualKey@CHotkey@@QEAAGXZ
?GetVolume@CVolumeManager@@QEAAMXZ
?GetWin81CursorPos@@YAHPEAUtagPOINT@@@Z
?GetWindowArea@CApplicationSettings@@QEAA?AUtagRECT@@XZ
?GetWindowMask@CApplicationSettings@@QEAA?AW4WINDOWMASK@@XZ
?HookToggleXAxisInvert@@YAXXZ
?HookToggleXAxisLock@@YAXXZ
?HookToggleYAxisInvert@@YAXXZ
?HookToggleYAxisLock@@YAXXZ
?IPHandler@InvalidParameterInstaller@@CAXPEB_W00I_K@Z
?Import@CSettings@@QEAAHPEB_WPEAUHWND__@@0PEAPEAVCApplicationSettings@@@Z
?IncButtonUpCount@CMovement2Scroll@@QEAAXXZ
?Index@CIcon@@QEAAIXZ
?Init@CLockAxis@@QEAAXXZ
?InitCursors@CLockAxis@@QEAAXPEAUHINSTANCE__@@@Z
?InitGlobalCS@CAudioThreadLock@@SAXXZ
?InitGlobalCS@CThreadLock@@SAXXZ
?InitScalingFunctions@@YAXXZ
?Initialise@CLogger@@SAXXZ
?Initialise@CVolumeManager@@AEAAXXZ
?Initialise@CXMBCTimedClick@@QEAAXW4MouseButtons@@H_N@Z
?Initialise@CXMBCTimedClicks@@QEAAXW4MouseButtons@@_N@Z
?InternalLockXY@CLockAxis@@QEAAXXZ
?InternalUnlockXY@CLockAxis@@QEAAXXZ
?InvertHorizontal@CMovement2Scroll@@QEAA_NXZ
?InvertVertical@CMovement2Scroll@@QEAA_NXZ
?InvertX@CLockAxis@@QEAAXXZ
?InvertXY@CLockAxis@@QEAAXXZ
?InvertY@CLockAxis@@QEAAXXZ
?InvertedHorzScrolling@CApplicationSettings@@QEAA_NXZ
?InvertedScrolling@CApplicationSettings@@QEAA_NXZ
?IsButtonBlocked@CMovement2Scroll@@QEAA_NXZ
?IsCustomWindow@CApplicationSettings@@QEAA_NXZ
?IsDefault@CApplicationSettings@@QEAA_NXZ
?IsDesktopLocked@@YA_NXZ
?IsEnabled@CApplicationSettings@@QEAA_NXZ
?IsExtended@CHotkey@@QEAA_NXZ
?IsGadget@CIcon@@QEAA_NXZ
?IsInverted@CLockAxis@@QEAA_NXZ
?IsProfileScriptEnabled@CApplicationSettings@@QEAA_NXZ
?IsSasAvailable@CSecureAttentionSequence@@QEAA_NXZ
?IsSticky@CMovement2Scroll@@QEAA_NXZ
?IsStickyBlock@CMovement2Scroll@@QEAA_NXZ
?IsValid@CMyRegKey@@QEAAHXZ
?IsXInverted@CLockAxis@@QEAA_NXZ
?IsXMBCDisabled@@YA_N_N@Z
?IsYInverted@CLockAxis@@QEAA_NXZ
?KeyAction@CActionData@@QEAAHXZ
?KeyAction@CActionData@@SAPEAV1@PEB_WHHH_N1110@Z
?KeyExists@CMyRegKey@@QEAAHPEB_W@Z
?KeyRepeat@CActionData@@QEAAHXZ
?KillTimerThreadTimers@@YAXXZ
?LastMTSMoved@CMovement2Scroll@@QEAA_NXZ
?LeaveCS@CAudioThreadLock@@SAXXZ
?LeaveCS@CThreadLock@@SAXXZ
?LeftClickCycleLayer@@YA_NXZ
?Load@CApplicationSettings@@QEAA_NAEAVxml_node@pugi@@HAEA_NAEAH@Z
?Load@CMovement2Scroll@@QEAA_NAEAVxml_node@pugi@@H@Z
?Load@CSettings@@QEAA_NPEB_WAEA_N_N@Z
?Load@CXMBCChord@@QEAA_NAEAVxml_node@pugi@@H@Z
?Load@CXMBCChords@@QEAA_N_NAEAVxml_node@pugi@@H@Z
?Load@CXMBCTimedClick@@QEAA_NW4MouseButtons@@H_NAEAVxml_node@pugi@@H@Z
?Load@CXMBCTimedClicks@@QEAA_NW4MouseButtons@@_NAEAVxml_node@pugi@@H@Z
?LoadDefault@CApplicationSettings@@QEAA_NAEAVxml_node@pugi@@HAEAH@Z
?LoadIcons@CIconSettings@@QEAAHPEB_W@Z
?LoadIcons@CIconSettings@@QEAAHXZ
?LockCycle@CLockAxis@@QEAAXPEAVCSPIThread@@HPEAVCSettings@@PEAVCApplicationSettings@@_N@Z
?LockToAxis@CLockAxis@@QEAAXPEAVCSPIThread@@H_N@Z
?LockX@CLockAxis@@QEAAXPEAVCSPIThread@@H_N1@Z
?LockXY@CLockAxis@@QEAAXPEAVCSPIThread@@H_N@Z
?LockY@CLockAxis@@QEAAXPEAVCSPIThread@@H_N1@Z
?Locked@CLockAxis@@QEAA_NXZ
?LockedToAxis@CLockAxis@@QEAA_NXZ
?LockedX@CLockAxis@@QEAA_NXZ
?LockedY@CLockAxis@@QEAA_NXZ
?Log@CApplicationSettings@@QEAAXPEB_W@Z
?LogDebug@CLogger@@SAXPEB_WZZ
?LogMessage@CLogger@@SAXPEB_WZZ
?LogOSDebug@CLogger@@SAXKPEB_WZZ
?LogOSMessage@CLogger@@SAXKPEB_WZZ
?LogThreadDebug@CLogger@@SAXPEB_WZZ
?LoggingDisabled@CLogger@@SA_NXZ
?MatchCaption@CApplicationSettings@@QEAA_NV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
?MatchClass@CApplicationSettings@@QEAA_NV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
?MatchParentClass@CApplicationSettings@@QEAA_NV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
?MatchProcess@CApplicationSettings@@QEAA_NV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
?MatchProcess@CApplicationSettings@@QEAA_NV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@PEAUHWND__@@@Z
?MaxLayers@@YAHXZ
?MaxLayers@CSettings@@QEAA?BHXZ
?NewAction@CActionData@@SAPEAV1@H@Z
?NextLayer@@YAXXZ
?NoParent@CApplicationSettings@@QEAA_NXZ
?NotificatcionsEnabled@@YA_NXZ
?Notifiction@CVolumeManager@@UEAAXW4VolumeAction@@@Z
?OSD_SHOW_WINDOW@CBrightness@@0IA
?OnDefaultDeviceChanged@CAudioNotificationClient@@UEAAJW4__MIDL___MIDL_itf_mmdeviceapi_0000_0000_0001@@W4__MIDL___MIDL_itf_mmdeviceapi_0000_0000_0002@@PEB_W@Z
?OnDeviceAdded@CAudioNotificationClient@@UEAAJPEB_W@Z
?OnDeviceRemoved@CAudioNotificationClient@@UEAAJPEB_W@Z
?OnDeviceStateChanged@CAudioNotificationClient@@UEAAJPEB_WK@Z
?OnNotify@CVolumeNotification@@UEAAJPEAUAUDIO_VOLUME_NOTIFICATION_DATA@@@Z
?OnPropertyValueChanged@CAudioNotificationClient@@UEAAJPEB_WU_tagpropertykey@@@Z
?OpenFolderAction@CActionData@@SAPEAV1@PEB_W@Z
?OpenLogFile@CLogger@@CA_NXZ
?OverrideMouseSpeed@CApplicationSettings@@QEAAX_N@Z
?OverrideMouseSpeed@CApplicationSettings@@QEAA_NXZ
?PreviousLayer@@YAXXZ
?QueryInterface@CAudioNotificationClient@@UEAAJAEBU_GUID@@PEAPEAX@Z
?QueryInterface@CVolumeNotification@@UEAAJAEBU_GUID@@PEAPEAX@Z
?RandomiseDelay@CActionData@@QEAA_NXZ
?RandomiseDelay@CApplicationSettings@@QEAA_NHH@Z
?RandomiseDelay@CXMBCChord@@QEAA_NXZ
?RandomiseDelay@CXMBCTimedClick@@QEAA_NXZ
?ReInitialise@CVolumeManager@@QEAAXXZ
?RealWindowFromPoint@@YAPEAUHWND__@@AEBUtagPOINT@@@Z
?RealWindowFromPoint_SkipLocked@@YAPEAUHWND__@@AEBUtagPOINT@@_N@Z
?RegExMatching@CApplicationSettings@@QEAA_NXZ
?Release@CAudioNotificationClient@@UEAAKXZ
?Release@CVolumeNotification@@UEAAKXZ
?ReleaseChord@CXMBCChord@@QEAAXXZ
?ReleaseLock@CLogger@@SAXXZ
?RemoveApplication@CSettings@@QEAA_NPEAVCApplicationSettings@@@Z
?RemoveCallback@CAudioNotificationClient@@QEAAXPEAVCInternalVolumeNotification@@@Z
?RemoveFindHook@@YA_NXZ
?RemoveHooks@@YAXXZ
?RemoveListedIcons@CIconSettings@@QEAAHXZ
?RemoveMouseHook@@YA_N_N@Z
?Reset@CXMBCTimedClicks@@QEAAXXZ
?ResetCursor@CLockAxis@@QEAAXPEAVCSPIThread@@@Z
?ResetGlobalCS@CAudioThreadLock@@SAXXZ
?ResetGlobalCS@CThreadLock@@SAXXZ
?Save@CApplicationSettings@@QEAA_NAEAVxml_node@pugi@@@Z
?Save@CMovement2Scroll@@QEAAXAEAVxml_node@pugi@@@Z
?Save@CSettings@@QEAA_NPEB_W@Z
?Save@CXMBCChord@@QEAAXAEAVxml_node@pugi@@@Z
?Save@CXMBCChords@@QEAAX_NAEAVxml_node@pugi@@@Z
?Save@CXMBCTimedClick@@QEAAXAEAVxml_node@pugi@@@Z
?Save@CXMBCTimedClicks@@QEAAX_NAEAVxml_node@pugi@@@Z
?SaveDefault@CApplicationSettings@@QEAA_NAEAVxml_node@pugi@@@Z
?SaveIcons@CIconSettings@@QEAAHPEB_W@Z
?SaveIcons@CIconSettings@@QEAAHXZ
?SavePersistantSettings@@YA_NXZ
?ScaleWin81CursorPos@@YAHPEAUtagPOINT@@@Z
?ScrollLines@CApplicationSettings@@QEAAHXZ
?ScrollPages@CApplicationSettings@@QEAA_NXZ
?SendKeyAction@CApplicationSettings@@QEAAHHH@Z
?SendKeyAction@CXMBCChord@@QEAAHXZ
?SendKeyAction@CXMBCTimedClick@@QEAAHXZ
?SendKeyRepeat@CApplicationSettings@@QEAAHHH@Z
?SendKeyRepeat@CXMBCChord@@QEAAHXZ
?SendKeyRepeat@CXMBCTimedClick@@QEAAHXZ
?SendKeyWhenActive@CApplicationSettings@@QEAA_NHH@Z
?SendKeyWhenActive@CXMBCChord@@QEAA_NXZ
?SendKeyWhenActive@CXMBCTimedClick@@QEAA_NXZ
?SendSAS@CSecureAttentionSequence@@QEAA_N_N@Z
?SetAbort2OnMouseMove@CXMBCTimedClicks@@QEAAX_N@Z
?SetAbortOnMouseMove@CXMBCTimedClicks@@QEAAX_N@Z
?SetAction@CXMBCChord@@QEAAXW4_ACTIONS@@@Z

Sections

.text
Size: 593KB - Virtual size: 592KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 369KB - Virtual size: 369KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 1024B - Virtual size: 604B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
uninstaller.exe
.exe windows:4 windows x86 arch:x86

b1a57b635b23ffd553b3fd1e0960b2bd

Code Sign

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

31/05/2021, 06:43

Not After

17/09/2029, 06:43

Subject

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

3d:a5:ca:7c:85:af:e6:68:8f:93:68:ae:a4:98:59:23
Certificate

Issuer

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

04/04/2023, 12:39

Not After

03/04/2024, 12:39

Subject

CN=Open Source Developer\, Phillip Gibbons,O=Open Source Developer,ST=Berkshire,C=GB,1.2.840.113549.1.9.1=#0c127068696c406869676872657a2e636f2e756b

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2b:d4:ae:70:b9:d0:63:5b:2a:e9:84:c8:d6:74:aa:30
Certificate

Issuer

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

28/07/2022, 08:56

Not After

27/07/2033, 08:56

Subject

CN=Certum Timestamp 2022,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

99:a3:80:0a:26:55:3b:65:ab:dc:6e:84:a6:b3:ea:39
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19/05/2021, 05:32

Not After

18/05/2036, 05:32

Subject

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19/05/2021, 05:32

Not After

18/05/2036, 05:32

Subject

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

e1:39:7b:a1:a7:d9:ac:8e:f6:f5:d4:72:63:aa:a2:c0:63:4e:93:4a
Signer

Actual PE Digest

e1:39:7b:a1:a7:d9:ac:8e:f6:f5:d4:72:63:aa:a2:c0:63:4e:93:4a

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
SetFileAttributesA
CompareFileTime
SearchPathA
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
GetWindowsDirectoryA
Sleep
lstrcmpiA
lstrlenA
GetVersion
SetErrorMode
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
GetLastError
CreateDirectoryA
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrcatA
GetSystemDirectoryA
WaitForSingleObject
SetFileTime
CloseHandle
GlobalFree
lstrcmpA
ExpandEnvironmentStringsA
GetExitCodeProcess
GlobalAlloc
GetCommandLineA
GetTempPathA
GetProcAddress
FindFirstFileA
FindNextFileA
DeleteFileA
SetFilePointer
ReadFile
FindClose
GetPrivateProfileStringA
WritePrivateProfileStringA
WriteFile
MulDiv
MultiByteToWideChar
LoadLibraryExA
GetModuleHandleA
FreeLibrary

user32

SetCursor
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
EndDialog
ScreenToClient
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetForegroundWindow
GetWindowLongA
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
ExitWindowsEx
SetTimer
PostQuitMessage
SetWindowLongA
SendMessageTimeoutA
LoadImageA
wsprintfA
GetDlgItem
FindWindowExA
IsWindow
SetClipboardData
EmptyClipboard
OpenClipboard
EndPaint
CreateDialogParamA
DestroyWindow
ShowWindow
SetWindowTextA

gdi32

SelectObject
SetBkMode
CreateFontIndirectA
SetTextColor
DeleteObject
GetDeviceCaps
CreateBrushIndirect
SetBkColor

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
SHFileOperationA
ShellExecuteA

advapi32

RegDeleteValueA
SetFileSecurityA
RegOpenKeyExA
RegDeleteKeyA
RegEnumValueA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegEnumKeyA

comctl32

ImageList_AddMasked
ImageList_Destroy
ImageList_Create
ord17

ole32

OleUninitialize
OleInitialize
CoTaskMemFree
CoCreateInstance

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 52KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ExecCmd.dll
.dll windows:4 windows x86 arch:x86

bf44c9fb48bb8c36b3e2527e7252350d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeLibrary
OpenProcess
CloseHandle
GetProcAddress
LoadLibraryA
GetVersionExA
GlobalFree
TerminateProcess
GetExitCodeProcess
WaitForSingleObject
Sleep
CreateProcessA
GlobalAlloc
GetExitCodeThread
lstrcpyA
lstrcpynA
CreateThread
lstrcatA
GetEnvironmentVariableA
lstrcmpiA

user32

SendMessageA
EnumWindows
WaitForInputIdle
wsprintfA
GetWindowThreadProcessId

Exports

Exports

exec
wait

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 802B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 142B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 200B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

f2ac1ab587d5531d5f1bf76c094aef4c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

MultiByteToWideChar
GlobalFree
GlobalSize
GetLastError
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
GlobalAlloc
lstrlenA
WideCharToMultiByte
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 510B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Tweak Pack/Lower Ping/GEAR UP BOOSTER.txt
Tweak Pack/Power Plan/POWER PLAN.png
.png
Tweak Pack/Power Plan/READ.txt
Tweak Pack/Registry Tweaks/Decrease Delay.reg
Tweak Pack/Registry Tweaks/Disable USB Power Saving.reg
Tweak Pack/Registry Tweaks/DisableEnergyEstimation.reg
Tweak Pack/Registry Tweaks/HoverTime.reg
Tweak Pack/Registry Tweaks/READ FIRST.txt
Tweak Pack/Registry Tweaks/USB Suspend Disable.reg
Tweak Pack/Registry Tweaks/disableDSearching.reg
Tweak Pack/Registry Tweaks/disableHiber.reg
Tweak Pack/Registry Tweaks/disablePrefetch.reg
Tweak Pack/Registry Tweaks/disableStartupDelay.reg
Tweak Pack/Registry Tweaks/menuShowDelay.reg
Tweak Pack/Restore Point.lnk
.lnk
Tweak Pack/Storage Cleaner/STORAGE CLEANER.txt
Tweak Pack/Tweaks/CHRISTITUS TWEAK SETTINGS.png
.png
Tweak Pack/Tweaks/IMPORTANT.txt

Sharing

General

Malware Config

Signatures

Files

b1a57b635b23ffd553b3fd1e0960b2bd

Code Sign

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27Certificate

Key Usages

3d:a5:ca:7c:85:af:e6:68:8f:93:68:ae:a4:98:59:23Certificate

Extended Key Usages

Key Usages

2b:d4:ae:70:b9:d0:63:5b:2a:e9:84:c8:d6:74:aa:30Certificate

Extended Key Usages

Key Usages

99:a3:80:0a:26:55:3b:65:ab:dc:6e:84:a6:b3:ea:39Certificate

Extended Key Usages

Key Usages

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87Certificate

Extended Key Usages

Key Usages

1b:51:25:86:af:62:b1:0f:b3:4f:04:0b:21:fe:86:b5:d7:76:3b:fbSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

Sections

.text Size: 23KB - Virtual size: 23KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1KB - Virtual size: 108KB

.ndata Size: - Virtual size: 52KB

.rsrc Size: 24KB - Virtual size: 24KB

bf44c9fb48bb8c36b3e2527e7252350d

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 1KB - Virtual size: 1KB

.rdata Size: 1024B - Virtual size: 802B

.data Size: 512B - Virtual size: 142B

.reloc Size: 512B - Virtual size: 200B

738dc9bb91549f627cf1953c2000e1d6

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 10KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1KB - Virtual size: 1KB

fb89301642ac2a39aefdd3cc2610ed81

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27
Certificate

3d:a5:ca:7c:85:af:e6:68:8f:93:68:ae:a4:98:59:23
Certificate

2b:d4:ae:70:b9:d0:63:5b:2a:e9:84:c8:d6:74:aa:30
Certificate

99:a3:80:0a:26:55:3b:65:ab:dc:6e:84:a6:b3:ea:39
Certificate

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87
Certificate

1b:51:25:86:af:62:b1:0f:b3:4f:04:0b:21:fe:86:b5:d7:76:3b:fb
Signer

.text
Size: 23KB - Virtual size: 23KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1KB - Virtual size: 108KB

.ndata
Size: - Virtual size: 52KB

.rsrc
Size: 24KB - Virtual size: 24KB

.text
Size: 1KB - Virtual size: 1KB

.rdata
Size: 1024B - Virtual size: 802B

.data
Size: 512B - Virtual size: 142B

.reloc
Size: 512B - Virtual size: 200B

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 10KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 1024B - Virtual size: 732B

.reloc
Size: 512B - Virtual size: 426B

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 1024B - Virtual size: 784B

.data
Size: 512B - Virtual size: 100B

.reloc
Size: 512B - Virtual size: 510B

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1024B - Virtual size: 572B

.text
Size: 230KB - Virtual size: 230KB

.rdata
Size: 72KB - Virtual size: 72KB

.data
Size: 6KB - Virtual size: 25KB

.pdata
Size: 12KB - Virtual size: 11KB

.rsrc
Size: 40KB - Virtual size: 39KB

.reloc
Size: 2KB - Virtual size: 1KB