blankgrabber | infected2024071401[.]zip

Resubmissions

21-01-2025 13:35

250121-qvptgawqbk 10

21-01-2025 11:58

21-01-2025 11:44

21-01-2025 11:07

17-07-2024 20:08

Sharing

Copy URL

Twitter E-mail

General

Target

infected2024071401.zip
Size

54.3MB
MD5

1deae7b244bd725828d39c59ccb36f5b
SHA1

af1298cefef18ddae3bc472b61828d4b8ee30594
SHA256

c56c00ca3f42026f17affef76b3752f268d1498f862b3143985ca7c1d33feb39
SHA512

15d37132af78f43b79da983fdd7db5a6716d9eded87568e1c1a24a8241f5e4e0f7de22b6c72a0640dd027ddc50f2f24fdb0ec5b8a2ed606588e2ce80aa873bbe
SSDEEP

1572864:ZCPcetzLnPM24Z4Ienxa/x4AW+kTpM/vpnT:M3LnPHxACSkTpqvpnT

Score

10^/10

blankgrabber

Malware Config

Signatures

A stealer written in Python and packaged with Pyinstaller 1 IoCs

resource	yara_rule
static1/unpack002/1�L�iŚ.pyc	blankgrabber

Blankgrabber family
blankgrabber

Unsigned PE 22 IoCs

Checks for missing Authenticode signature.

resource
unpack001/1PDF.FaturaDetay_202407.exe
unpack001/3e6642f7100bb72137d68b5aa34a2d1f1a75722ab7d2b15987bbdeb84bc3265e.exe
unpack001/4c40337094cf0bb86fad86d2ea724ac6e6a499f0acd877839a69d35c354a7792.exe
unpack001/644d928a4a942f6ae4c90640103b595941f7a0b557ba49d122d137b1429c0325.exe
unpack001/64ec6562b96016699c6ae14166f4d31bde2b160eaa84d34a661fc2943017202e.exe
unpack001/7a0395c75ac633d66a7a9f2690cbdb9c90ac5b0fc4f9273b6e0cf16f70eedd8e.exe
unpack001/901478668c0d5ecb3b5044dcb3e1744045f7b2a800a7c0c67020d9294470f3d4.exe
unpack001/938b7e042bda75e416261e46d0d4873781fd5d53c2ce6c2748b92eeb8a826598.exe
unpack001/96d1bc7dec91a7a4e5fe653853a504e07d17e898fa437cf75e929fa909dd6bb7.exe
unpack001/DTLite.exe
unpack001/PDF.FaturaDetay_202407.exe
unpack001/PDF.exe
unpack001/SIP.03746.XSLSX.exe
unpack001/a33245a27c02bbb72bf66f6bf1c960affefa8ed2a096dc1d6faa6699fe81c48a.exe
unpack001/arwbjuh.exe
unpack001/bjutbht.exe
unpack001/borlndmm.dll
unpack001/ccleaner.exe
unpack001/d87e2dcd2eb9763552645a34218696143fa99ac7b5173dcd04889ce9f5ddf96d.exe
unpack001/dwvhgtd.exe
unpack001/file.exe
unpack001/setup.exe

Files

infected2024071401.zip
.zip
1PDF.FaturaDetay_202407.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 145KB - Virtual size: 145KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
3e6642f7100bb72137d68b5aa34a2d1f1a75722ab7d2b15987bbdeb84bc3265e.exe
.exe windows:5 windows x86 arch:x86

f7da029034c60bf8e581bd25aede6122

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\winapps\5.0\Build\QuickSearch\Release\QuickSearch.pdb

Imports

kernel32

GetEnvironmentVariableA
SetUnhandledExceptionFilter
GetCommandLineW
LocalFree
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
GetComputerNameW
SetFilePointer
ReadFile
GetCurrentProcessId
FreeLibrary
GetVersionExW
GetDiskFreeSpaceExW
GetVolumeInformationW
VerifyVersionInfoW
VerSetConditionMask
LocalFileTimeToFileTime
FindNextFileW
FindClose
FindFirstFileW
GetOverlappedResult
ReadDirectoryChangesW
FileTimeToLocalFileTime
CompareFileTime
FileTimeToSystemTime
CreateFileW
WriteFile
OutputDebugStringW
SetEvent
GetSystemTime
GetSystemTimeAsFileTime
SystemTimeToFileTime
GlobalFree
ResumeThread
DuplicateHandle
QueryPerformanceCounter
QueryPerformanceFrequency
lstrcpyW
GlobalUnlock
GlobalLock
GlobalAlloc
CreateMutexW
GetPrivateProfileStringW
GetLogicalDrives
CloseHandle
GetLongPathNameW
WideCharToMultiByte
lstrlenA
InterlockedExchange
lstrlenW
GetTickCount
TerminateThread
WaitForSingleObject
MultiByteToWideChar
LoadLibraryW
GetFullPathNameA
GetLastError
SetLastError
GetVersion
GetModuleFileNameW
Sleep
GetFileAttributesW
GetCurrentThreadId
GetCurrentProcess
GetModuleHandleW
GetProcAddress
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
DeleteFileA
AreFileApisANSI
GetTempPathA
DeleteFileW
GetVersionExA
OutputDebugStringA
GetFileAttributesExW
GetSystemInfo
GetDiskFreeSpaceA
CreateFileMappingA
LoadLibraryA
GetDiskFreeSpaceW
LockFileEx
HeapSize
GetTempPathW
FlushFileBuffers
HeapValidate
HeapCreate
GetFileAttributesA
HeapDestroy
FormatMessageW
FormatMessageA
GetProcessHeap
UnlockFileEx
WaitForSingleObjectEx
LockFile
FlushViewOfFile
UnlockFile
InterlockedCompareExchange
HeapFree
HeapAlloc
SetEndOfFile
TryEnterCriticalSection
HeapCompact
GetFileSize
CreateFileA
HeapReAlloc
GetFullPathNameW
ExpandEnvironmentStringsW

user32

InvalidateRect
GetFocus
IsWindowVisible
GetWindowRect
IsWindow
SendMessageW
GetWindowRgnBox
EnumChildWindows
GetSysColorBrush
TrackPopupMenu
CallWindowProcW
DestroyMenu
DispatchMessageW
TranslateMessage
PeekMessageW
MsgWaitForMultipleObjects
MessageBoxW
InsertMenuW
CreateMenu
GetMenuItemInfoW
UnionRect
GetMenuBarInfo
CheckMenuItem
EnableMenuItem
ModifyMenuW
GetMenuState
SetWindowTextW
InsertMenuItemW
DrawIconEx
GetSysColor
GetCursor
EnableWindow
SetWindowPos
SetActiveWindow
LoadAcceleratorsW
SetCapture
ReleaseCapture
ClientToScreen
FillRect
SetMenuDefaultItem
GetDlgCtrlID
TranslateAcceleratorW
GetMenuItemID
GetMenuItemCount
GetKeyState
IsZoomed
GetWindow
IsIconic
GetSystemMetrics
GetSubMenu
LoadMenuW
LoadIconW
RegisterClipboardFormatW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
UnregisterHotKey
RegisterHotKey
SetPropW
EnumWindows
PostMessageW
GetPropW
wsprintfW
LoadImageW
DestroyIcon
DrawIcon
GetIconInfo
GrayStringW
DrawTextExW
TabbedTextOutW
MonitorFromPoint
GetMonitorInfoW
MonitorFromRect
SetForegroundWindow
GetLayeredWindowAttributes
PtInRect
GetForegroundWindow
SetRectEmpty
IsRectEmpty
OffsetRect
GetActiveWindow
FrameRect
GetWindowRgn
SetWindowRgn
SetLayeredWindowAttributes
SystemParametersInfoW
TrackMouseEvent
EqualRect
DrawTextW
LoadCursorW
SetCursor
GetParent
CopyRect
SetRect
ReleaseDC
GetDC
RedrawWindow
LoadBitmapW
AppendMenuW
CreatePopupMenu
ScreenToClient
GetCursorPos
GetClientRect
SetTimer
KillTimer
SetWindowLongW
GetWindowLongW

gdi32

GetBitmapDimensionEx
GetMapMode
LPtoDP
SetBitmapDimensionEx
GetBkMode
CreateFontIndirectW
CreateSolidBrush
Escape
ExtTextOutW
FillRgn
DPtoLP
SetBrushOrgEx
CreatePatternBrush
CreatePen
GetCurrentObject
CreateFontW
GetDeviceCaps
FillPath
EndPath
BeginPath
GetBkColor
RectVisible
FrameRgn
CreateRoundRectRgn
TextOutW
GetDIBColorTable
StretchBlt
GetObjectW
SetDIBColorTable
DeleteObject
CreateDIBSection
DeleteDC
GetTextExtentPoint32W
CreateCompatibleBitmap
SelectObject
BitBlt
PtVisible
CreateCompatibleDC

shell32

ord43
ShellExecuteW
SHGetSpecialFolderPathW
SHGetFileInfoW
SHBrowseForFolderW
SHGetPathFromIDListW
Shell_NotifyIconW
ord165
SHGetSpecialFolderLocation
CommandLineToArgvW
ord701
SHGetDesktopFolder
ord716
SHFileOperationW

shlwapi

PathIsDirectoryW
StrFormatByteSizeW
SHGetValueW
SHSetValueW
PathIsNetworkPathW
PathFindExtensionW
StrFormatKBSizeW
ord354
PathFileExistsW

ole32

CoTaskMemAlloc
CLSIDFromString
CoTaskMemFree
CoInitializeEx
CoCreateInstance
CoUninitialize
CoInitialize

oleaut32

SysFreeString
SysAllocString
VariantInit
VariantClear

Exports

Exports

MatchMask

Sections

.text
Size: 1016KB - Virtual size: 1016KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 185KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 779KB - Virtual size: 779KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
4c40337094cf0bb86fad86d2ea724ac6e6a499f0acd877839a69d35c354a7792.exe
.exe windows:5 windows x86 arch:x86

417c80dfdc5a9cae821cfd89fd8aeffb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\winapps\5.0\Build\QuickSearch\Release\QuickSearch.pdb

Imports

kernel32

GetEnvironmentVariableA
SetUnhandledExceptionFilter
GetCommandLineW
LocalFree
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
GetComputerNameW
SetFilePointer
ReadFile
GetCurrentProcessId
FreeLibrary
GetVersionExW
GetDiskFreeSpaceExW
GetVolumeInformationW
VerifyVersionInfoW
VerSetConditionMask
LocalFileTimeToFileTime
FindNextFileW
FindClose
FindFirstFileW
GetOverlappedResult
ReadDirectoryChangesW
FileTimeToLocalFileTime
CompareFileTime
FileTimeToSystemTime
CreateFileW
WriteFile
OutputDebugStringW
SetEvent
GetSystemTime
GetSystemTimeAsFileTime
SystemTimeToFileTime
GlobalFree
ResumeThread
DuplicateHandle
QueryPerformanceCounter
QueryPerformanceFrequency
lstrcpyW
GlobalUnlock
GlobalLock
GlobalAlloc
CreateMutexW
GetPrivateProfileStringW
GetLogicalDrives
CloseHandle
GetLongPathNameW
WideCharToMultiByte
lstrlenA
InterlockedExchange
lstrlenW
GetTickCount
TerminateThread
WaitForSingleObject
MultiByteToWideChar
LoadLibraryW
GetFullPathNameA
GetLastError
SetLastError
GetVersion
GetModuleFileNameW
Sleep
GetFileAttributesW
GetCurrentThreadId
GetCurrentProcess
GetModuleHandleW
GetProcAddress
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
DeleteFileA
AreFileApisANSI
GetTempPathA
DeleteFileW
GetVersionExA
OutputDebugStringA
GetFileAttributesExW
GetSystemInfo
GetDiskFreeSpaceA
CreateFileMappingA
LoadLibraryA
GetDiskFreeSpaceW
LockFileEx
HeapSize
GetTempPathW
FlushFileBuffers
HeapValidate
HeapCreate
GetFileAttributesA
HeapDestroy
FormatMessageW
FormatMessageA
GetProcessHeap
UnlockFileEx
WaitForSingleObjectEx
LockFile
FlushViewOfFile
UnlockFile
InterlockedCompareExchange
HeapFree
HeapAlloc
SetEndOfFile
TryEnterCriticalSection
HeapCompact
GetFileSize
CreateFileA
HeapReAlloc
GetFullPathNameW
ExpandEnvironmentStringsW

user32

InvalidateRect
GetFocus
IsWindowVisible
GetWindowRect
IsWindow
SendMessageW
GetWindowRgnBox
EnumChildWindows
GetSysColorBrush
TrackPopupMenu
CallWindowProcW
DestroyMenu
DispatchMessageW
TranslateMessage
PeekMessageW
MsgWaitForMultipleObjects
MessageBoxW
InsertMenuW
CreateMenu
GetMenuItemInfoW
UnionRect
GetMenuBarInfo
CheckMenuItem
EnableMenuItem
ModifyMenuW
GetMenuState
SetWindowTextW
InsertMenuItemW
DrawIconEx
GetSysColor
GetCursor
EnableWindow
SetWindowPos
SetActiveWindow
LoadAcceleratorsW
SetCapture
ReleaseCapture
ClientToScreen
FillRect
SetMenuDefaultItem
GetDlgCtrlID
TranslateAcceleratorW
GetMenuItemID
GetMenuItemCount
GetKeyState
IsZoomed
GetWindow
IsIconic
GetSystemMetrics
GetSubMenu
LoadMenuW
LoadIconW
RegisterClipboardFormatW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
UnregisterHotKey
RegisterHotKey
SetPropW
EnumWindows
PostMessageW
GetPropW
wsprintfW
LoadImageW
DestroyIcon
DrawIcon
GetIconInfo
GrayStringW
DrawTextExW
TabbedTextOutW
MonitorFromPoint
GetMonitorInfoW
MonitorFromRect
SetForegroundWindow
GetLayeredWindowAttributes
PtInRect
GetForegroundWindow
SetRectEmpty
IsRectEmpty
OffsetRect
GetActiveWindow
FrameRect
GetWindowRgn
SetWindowRgn
SetLayeredWindowAttributes
SystemParametersInfoW
TrackMouseEvent
EqualRect
DrawTextW
LoadCursorW
SetCursor
GetParent
CopyRect
SetRect
ReleaseDC
GetDC
RedrawWindow
LoadBitmapW
AppendMenuW
CreatePopupMenu
ScreenToClient
GetCursorPos
GetClientRect
SetTimer
KillTimer
SetWindowLongW
GetWindowLongW

ole32

CoTaskMemAlloc
CLSIDFromString
CoTaskMemFree
CoInitializeEx
CoCreateInstance
CoUninitialize
CoInitialize

Exports

Exports

MatchMask

Sections

.text
Size: 1016KB - Virtual size: 1016KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 185KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
644d928a4a942f6ae4c90640103b595941f7a0b557ba49d122d137b1429c0325.exe
.exe windows:5 windows x86 arch:x86

4f8bf7b275c4aa8b55735ab2c9f76fc4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\winapps\5.0\Build\QuickSearch\Release\QuickSearch.pdb

Imports

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

kernel32

GetEnvironmentVariableA
SetUnhandledExceptionFilter
GetCommandLineW
LocalFree
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
GetComputerNameW
SetFilePointer
ReadFile
GetCurrentProcessId
FreeLibrary
GetVersionExW
GetDiskFreeSpaceExW
GetVolumeInformationW
VerifyVersionInfoW
VerSetConditionMask
LocalFileTimeToFileTime
FindNextFileW
FindClose
FindFirstFileW
GetOverlappedResult
ReadDirectoryChangesW
FileTimeToLocalFileTime
CompareFileTime
FileTimeToSystemTime
CreateFileW
WriteFile
OutputDebugStringW
SetEvent
GetSystemTime
GetSystemTimeAsFileTime
SystemTimeToFileTime
GlobalFree
ResumeThread
DuplicateHandle
QueryPerformanceCounter
QueryPerformanceFrequency
lstrcpyW
GlobalUnlock
GlobalLock
GlobalAlloc
CreateMutexW
GetPrivateProfileStringW
GetLogicalDrives
CloseHandle
GetLongPathNameW
WideCharToMultiByte
lstrlenA
InterlockedExchange
lstrlenW
GetTickCount
TerminateThread
WaitForSingleObject
MultiByteToWideChar
LoadLibraryW
GetFullPathNameA
GetLastError
SetLastError
GetVersion
GetModuleFileNameW
Sleep
GetFileAttributesW
GetCurrentThreadId
GetCurrentProcess
GetModuleHandleW
GetProcAddress
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
DeleteFileA
AreFileApisANSI
GetTempPathA
DeleteFileW
GetVersionExA
OutputDebugStringA
GetFileAttributesExW
GetSystemInfo
GetDiskFreeSpaceA
CreateFileMappingA
LoadLibraryA
GetDiskFreeSpaceW
LockFileEx
HeapSize
GetTempPathW
FlushFileBuffers
HeapValidate
HeapCreate
GetFileAttributesA
HeapDestroy
FormatMessageW
FormatMessageA
GetProcessHeap
UnlockFileEx
WaitForSingleObjectEx
LockFile
FlushViewOfFile
UnlockFile
InterlockedCompareExchange
HeapFree
HeapAlloc
SetEndOfFile
TryEnterCriticalSection
HeapCompact
GetFileSize
CreateFileA
HeapReAlloc
GetFullPathNameW
ExpandEnvironmentStringsW

user32

InvalidateRect
GetFocus
IsWindowVisible
GetWindowRect
IsWindow
SendMessageW
GetWindowRgnBox
EnumChildWindows
GetSysColorBrush
TrackPopupMenu
CallWindowProcW
DestroyMenu
DispatchMessageW
TranslateMessage
PeekMessageW
MsgWaitForMultipleObjects
MessageBoxW
InsertMenuW
CreateMenu
GetMenuItemInfoW
UnionRect
GetMenuBarInfo
CheckMenuItem
EnableMenuItem
ModifyMenuW
GetMenuState
SetWindowTextW
InsertMenuItemW
DrawIconEx
GetSysColor
GetCursor
EnableWindow
SetWindowPos
SetActiveWindow
LoadAcceleratorsW
SetCapture
ReleaseCapture
ClientToScreen
FillRect
SetMenuDefaultItem
GetDlgCtrlID
TranslateAcceleratorW
GetMenuItemID
GetMenuItemCount
GetKeyState
IsZoomed
GetWindow
IsIconic
GetSystemMetrics
GetSubMenu
LoadMenuW
LoadIconW
RegisterClipboardFormatW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
UnregisterHotKey
RegisterHotKey
SetPropW
EnumWindows
PostMessageW
GetPropW
wsprintfW
LoadImageW
DestroyIcon
DrawIcon
GetIconInfo
GrayStringW
DrawTextExW
TabbedTextOutW
MonitorFromPoint
GetMonitorInfoW
MonitorFromRect
SetForegroundWindow
GetLayeredWindowAttributes
PtInRect
GetForegroundWindow
SetRectEmpty
IsRectEmpty
OffsetRect
GetActiveWindow
FrameRect
GetWindowRgn
SetWindowRgn
SetLayeredWindowAttributes
SystemParametersInfoW
TrackMouseEvent
EqualRect
DrawTextW
LoadCursorW
SetCursor
GetParent
CopyRect
SetRect
ReleaseDC
GetDC
RedrawWindow
LoadBitmapW
AppendMenuW
CreatePopupMenu
ScreenToClient
GetCursorPos
GetClientRect
SetTimer
KillTimer
SetWindowLongW
GetWindowLongW

gdi32

GetBitmapDimensionEx
GetMapMode
LPtoDP
SetBitmapDimensionEx
GetBkMode
CreateFontIndirectW
CreateSolidBrush
Escape
ExtTextOutW
FillRgn
DPtoLP
SetBrushOrgEx
CreatePatternBrush
CreatePen
GetCurrentObject
CreateFontW
GetDeviceCaps
FillPath
EndPath
BeginPath
GetBkColor
RectVisible
FrameRgn
CreateRoundRectRgn
TextOutW
GetDIBColorTable
StretchBlt
GetObjectW
SetDIBColorTable
DeleteObject
CreateDIBSection
DeleteDC
GetTextExtentPoint32W
CreateCompatibleBitmap
SelectObject
BitBlt
PtVisible
CreateCompatibleDC

advapi32

RegEnumKeyW
RegOpenKeyW
GetUserNameW
StartServiceW
QueryServiceStatus
CloseServiceHandle
OpenServiceW
OpenSCManagerW
RegQueryInfoKeyW
RegQueryValueExW
RegEnumKeyExW
RegNotifyChangeKeyValue
RegOpenKeyExW
RegEnumValueW
RegSetValueExW
RegCloseKey

shell32

ord43
ShellExecuteW
SHGetSpecialFolderPathW
SHGetFileInfoW
SHBrowseForFolderW
SHGetPathFromIDListW
Shell_NotifyIconW
ord165
SHGetSpecialFolderLocation
CommandLineToArgvW
ord701
SHGetDesktopFolder
ord716
SHFileOperationW

comctl32

InitCommonControlsEx
FlatSB_EnableScrollBar
_TrackMouseEvent

shlwapi

PathIsDirectoryW
StrFormatByteSizeW
SHGetValueW
SHSetValueW
PathIsNetworkPathW
PathFindExtensionW
StrFormatKBSizeW
ord354
PathFileExistsW

ole32

CoTaskMemAlloc
CLSIDFromString
CoTaskMemFree
CoInitializeEx
CoCreateInstance
CoUninitialize
CoInitialize

oleaut32

SysFreeString
SysAllocString
VariantInit
VariantClear

Exports

Exports

MatchMask

Sections

.text
Size: 1016KB - Virtual size: 1016KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 185KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 770KB - Virtual size: 770KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
64ec6562b96016699c6ae14166f4d31bde2b160eaa84d34a661fc2943017202e.exe
.exe windows:5 windows x86 arch:x86

e8e837d2e90b52e232aba88021bc9c99

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\winapps\5.0\Build\QuickSearch\Release\QuickSearch.pdb

Imports

kernel32

GetEnvironmentVariableA
SetUnhandledExceptionFilter
GetCommandLineW
LocalFree
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
GetComputerNameW
SetFilePointer
ReadFile
GetCurrentProcessId
FreeLibrary
GetVersionExW
GetDiskFreeSpaceExW
GetVolumeInformationW
VerifyVersionInfoW
VerSetConditionMask
LocalFileTimeToFileTime
FindNextFileW
FindClose
FindFirstFileW
GetOverlappedResult
ReadDirectoryChangesW
FileTimeToLocalFileTime
CompareFileTime
FileTimeToSystemTime
CreateFileW
WriteFile
OutputDebugStringW
SetEvent
GetSystemTime
GetSystemTimeAsFileTime
SystemTimeToFileTime
GlobalFree
ResumeThread
DuplicateHandle
QueryPerformanceCounter
QueryPerformanceFrequency
lstrcpyW
GlobalUnlock
GlobalLock
GlobalAlloc
CreateMutexW
GetPrivateProfileStringW
GetLogicalDrives
CloseHandle
GetLongPathNameW
WideCharToMultiByte
lstrlenA
InterlockedExchange
lstrlenW
GetTickCount
TerminateThread
WaitForSingleObject
MultiByteToWideChar
LoadLibraryW
GetFullPathNameA
GetLastError
SetLastError
GetVersion
GetModuleFileNameW
Sleep
GetFileAttributesW
GetCurrentThreadId
GetCurrentProcess
GetModuleHandleW
GetProcAddress
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
DeleteFileA
AreFileApisANSI
GetTempPathA
DeleteFileW
GetVersionExA
OutputDebugStringA
GetFileAttributesExW
GetSystemInfo
GetDiskFreeSpaceA
CreateFileMappingA
LoadLibraryA
GetDiskFreeSpaceW
LockFileEx
HeapSize
GetTempPathW
FlushFileBuffers
HeapValidate
HeapCreate
GetFileAttributesA
HeapDestroy
FormatMessageW
FormatMessageA
GetProcessHeap
UnlockFileEx
WaitForSingleObjectEx
LockFile
FlushViewOfFile
UnlockFile
InterlockedCompareExchange
HeapFree
HeapAlloc
SetEndOfFile
TryEnterCriticalSection
HeapCompact
GetFileSize
CreateFileA
HeapReAlloc
GetFullPathNameW
ExpandEnvironmentStringsW

user32

InvalidateRect
GetFocus
IsWindowVisible
GetWindowRect
IsWindow
SendMessageW
GetWindowRgnBox
EnumChildWindows
GetSysColorBrush
TrackPopupMenu
CallWindowProcW
DestroyMenu
DispatchMessageW
TranslateMessage
PeekMessageW
MsgWaitForMultipleObjects
MessageBoxW
InsertMenuW
CreateMenu
GetMenuItemInfoW
UnionRect
GetMenuBarInfo
CheckMenuItem
EnableMenuItem
ModifyMenuW
GetMenuState
SetWindowTextW
InsertMenuItemW
DrawIconEx
GetSysColor
GetCursor
EnableWindow
SetWindowPos
SetActiveWindow
LoadAcceleratorsW
SetCapture
ReleaseCapture
ClientToScreen
FillRect
SetMenuDefaultItem
GetDlgCtrlID
TranslateAcceleratorW
GetMenuItemID
GetMenuItemCount
GetKeyState
IsZoomed
GetWindow
IsIconic
GetSystemMetrics
GetSubMenu
LoadMenuW
LoadIconW
RegisterClipboardFormatW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
UnregisterHotKey
RegisterHotKey
SetPropW
EnumWindows
PostMessageW
GetPropW
wsprintfW
LoadImageW
DestroyIcon
DrawIcon
GetIconInfo
GrayStringW
DrawTextExW
TabbedTextOutW
MonitorFromPoint
GetMonitorInfoW
MonitorFromRect
SetForegroundWindow
GetLayeredWindowAttributes
PtInRect
GetForegroundWindow
SetRectEmpty
IsRectEmpty
OffsetRect
GetActiveWindow
FrameRect
GetWindowRgn
SetWindowRgn
SetLayeredWindowAttributes
SystemParametersInfoW
TrackMouseEvent
EqualRect
DrawTextW
LoadCursorW
SetCursor
GetParent
CopyRect
SetRect
ReleaseDC
GetDC
RedrawWindow
LoadBitmapW
AppendMenuW
CreatePopupMenu
ScreenToClient
GetCursorPos
GetClientRect
SetTimer
KillTimer
SetWindowLongW
GetWindowLongW

shell32

ord43
ShellExecuteW
SHGetSpecialFolderPathW
SHGetFileInfoW
SHBrowseForFolderW
SHGetPathFromIDListW
Shell_NotifyIconW
ord165
SHGetSpecialFolderLocation
CommandLineToArgvW
ord701
SHGetDesktopFolder
ord716
SHFileOperationW

ole32

CoTaskMemAlloc
CLSIDFromString
CoTaskMemFree
CoInitializeEx
CoCreateInstance
CoUninitialize
CoInitialize

oleaut32

SysFreeString
SysAllocString
VariantInit
VariantClear

Exports

Exports

MatchMask

Sections

.text
Size: 1016KB - Virtual size: 1016KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 185KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 767KB - Virtual size: 767KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
7a0395c75ac633d66a7a9f2690cbdb9c90ac5b0fc4f9273b6e0cf16f70eedd8e.exe
.exe windows:5 windows x86 arch:x86

4f8bf7b275c4aa8b55735ab2c9f76fc4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\winapps\5.0\Build\QuickSearch\Release\QuickSearch.pdb

Imports

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

kernel32

GetEnvironmentVariableA
SetUnhandledExceptionFilter
GetCommandLineW
LocalFree
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
GetComputerNameW
SetFilePointer
ReadFile
GetCurrentProcessId
FreeLibrary
GetVersionExW
GetDiskFreeSpaceExW
GetVolumeInformationW
VerifyVersionInfoW
VerSetConditionMask
LocalFileTimeToFileTime
FindNextFileW
FindClose
FindFirstFileW
GetOverlappedResult
ReadDirectoryChangesW
FileTimeToLocalFileTime
CompareFileTime
FileTimeToSystemTime
CreateFileW
WriteFile
OutputDebugStringW
SetEvent
GetSystemTime
GetSystemTimeAsFileTime
SystemTimeToFileTime
GlobalFree
ResumeThread
DuplicateHandle
QueryPerformanceCounter
QueryPerformanceFrequency
lstrcpyW
GlobalUnlock
GlobalLock
GlobalAlloc
CreateMutexW
GetPrivateProfileStringW
GetLogicalDrives
CloseHandle
GetLongPathNameW
WideCharToMultiByte
lstrlenA
InterlockedExchange
lstrlenW
GetTickCount
TerminateThread
WaitForSingleObject
MultiByteToWideChar
LoadLibraryW
GetFullPathNameA
GetLastError
SetLastError
GetVersion
GetModuleFileNameW
Sleep
GetFileAttributesW
GetCurrentThreadId
GetCurrentProcess
GetModuleHandleW
GetProcAddress
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
DeleteFileA
AreFileApisANSI
GetTempPathA
DeleteFileW
GetVersionExA
OutputDebugStringA
GetFileAttributesExW
GetSystemInfo
GetDiskFreeSpaceA
CreateFileMappingA
LoadLibraryA
GetDiskFreeSpaceW
LockFileEx
HeapSize
GetTempPathW
FlushFileBuffers
HeapValidate
HeapCreate
GetFileAttributesA
HeapDestroy
FormatMessageW
FormatMessageA
GetProcessHeap
UnlockFileEx
WaitForSingleObjectEx
LockFile
FlushViewOfFile
UnlockFile
InterlockedCompareExchange
HeapFree
HeapAlloc
SetEndOfFile
TryEnterCriticalSection
HeapCompact
GetFileSize
CreateFileA
HeapReAlloc
GetFullPathNameW
ExpandEnvironmentStringsW

user32

InvalidateRect
GetFocus
IsWindowVisible
GetWindowRect
IsWindow
SendMessageW
GetWindowRgnBox
EnumChildWindows
GetSysColorBrush
TrackPopupMenu
CallWindowProcW
DestroyMenu
DispatchMessageW
TranslateMessage
PeekMessageW
MsgWaitForMultipleObjects
MessageBoxW
InsertMenuW
CreateMenu
GetMenuItemInfoW
UnionRect
GetMenuBarInfo
CheckMenuItem
EnableMenuItem
ModifyMenuW
GetMenuState
SetWindowTextW
InsertMenuItemW
DrawIconEx
GetSysColor
GetCursor
EnableWindow
SetWindowPos
SetActiveWindow
LoadAcceleratorsW
SetCapture
ReleaseCapture
ClientToScreen
FillRect
SetMenuDefaultItem
GetDlgCtrlID
TranslateAcceleratorW
GetMenuItemID
GetMenuItemCount
GetKeyState
IsZoomed
GetWindow
IsIconic
GetSystemMetrics
GetSubMenu
LoadMenuW
LoadIconW
RegisterClipboardFormatW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
UnregisterHotKey
RegisterHotKey
SetPropW
EnumWindows
PostMessageW
GetPropW
wsprintfW
LoadImageW
DestroyIcon
DrawIcon
GetIconInfo
GrayStringW
DrawTextExW
TabbedTextOutW
MonitorFromPoint
GetMonitorInfoW
MonitorFromRect
SetForegroundWindow
GetLayeredWindowAttributes
PtInRect
GetForegroundWindow
SetRectEmpty
IsRectEmpty
OffsetRect
GetActiveWindow
FrameRect
GetWindowRgn
SetWindowRgn
SetLayeredWindowAttributes
SystemParametersInfoW
TrackMouseEvent
EqualRect
DrawTextW
LoadCursorW
SetCursor
GetParent
CopyRect
SetRect
ReleaseDC
GetDC
RedrawWindow
LoadBitmapW
AppendMenuW
CreatePopupMenu
ScreenToClient
GetCursorPos
GetClientRect
SetTimer
KillTimer
SetWindowLongW
GetWindowLongW

gdi32

GetBitmapDimensionEx
GetMapMode
LPtoDP
SetBitmapDimensionEx
GetBkMode
CreateFontIndirectW
CreateSolidBrush
Escape
ExtTextOutW
FillRgn
DPtoLP
SetBrushOrgEx
CreatePatternBrush
CreatePen
GetCurrentObject
CreateFontW
GetDeviceCaps
FillPath
EndPath
BeginPath
GetBkColor
RectVisible
FrameRgn
CreateRoundRectRgn
TextOutW
GetDIBColorTable
StretchBlt
GetObjectW
SetDIBColorTable
DeleteObject
CreateDIBSection
DeleteDC
GetTextExtentPoint32W
CreateCompatibleBitmap
SelectObject
BitBlt
PtVisible
CreateCompatibleDC

advapi32

RegEnumKeyW
RegOpenKeyW
GetUserNameW
StartServiceW
QueryServiceStatus
CloseServiceHandle
OpenServiceW
OpenSCManagerW
RegQueryInfoKeyW
RegQueryValueExW
RegEnumKeyExW
RegNotifyChangeKeyValue
RegOpenKeyExW
RegEnumValueW
RegSetValueExW
RegCloseKey

shell32

ord43
ShellExecuteW
SHGetSpecialFolderPathW
SHGetFileInfoW
SHBrowseForFolderW
SHGetPathFromIDListW
Shell_NotifyIconW
ord165
SHGetSpecialFolderLocation
CommandLineToArgvW
ord701
SHGetDesktopFolder
ord716
SHFileOperationW

comctl32

InitCommonControlsEx
FlatSB_EnableScrollBar
_TrackMouseEvent

shlwapi

PathIsDirectoryW
StrFormatByteSizeW
SHGetValueW
SHSetValueW
PathIsNetworkPathW
PathFindExtensionW
StrFormatKBSizeW
ord354
PathFileExistsW

ole32

CoTaskMemAlloc
CLSIDFromString
CoTaskMemFree
CoInitializeEx
CoCreateInstance
CoUninitialize
CoInitialize

oleaut32

SysFreeString
SysAllocString
VariantInit
VariantClear

Exports

Exports

MatchMask

Sections

.text
Size: 1016KB - Virtual size: 1015KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 185KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 762KB - Virtual size: 762KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
901478668c0d5ecb3b5044dcb3e1744045f7b2a800a7c0c67020d9294470f3d4.exe
.exe windows:5 windows x86 arch:x86

417c80dfdc5a9cae821cfd89fd8aeffb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\winapps\5.0\Build\QuickSearch\Release\QuickSearch.pdb

Imports

kernel32

GetEnvironmentVariableA
SetUnhandledExceptionFilter
GetCommandLineW
LocalFree
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
GetComputerNameW
SetFilePointer
ReadFile
GetCurrentProcessId
FreeLibrary
GetVersionExW
GetDiskFreeSpaceExW
GetVolumeInformationW
VerifyVersionInfoW
VerSetConditionMask
LocalFileTimeToFileTime
FindNextFileW
FindClose
FindFirstFileW
GetOverlappedResult
ReadDirectoryChangesW
FileTimeToLocalFileTime
CompareFileTime
FileTimeToSystemTime
CreateFileW
WriteFile
OutputDebugStringW
SetEvent
GetSystemTime
GetSystemTimeAsFileTime
SystemTimeToFileTime
GlobalFree
ResumeThread
DuplicateHandle
QueryPerformanceCounter
QueryPerformanceFrequency
lstrcpyW
GlobalUnlock
GlobalLock
GlobalAlloc
CreateMutexW
GetPrivateProfileStringW
GetLogicalDrives
CloseHandle
GetLongPathNameW
WideCharToMultiByte
lstrlenA
InterlockedExchange
lstrlenW
GetTickCount
TerminateThread
WaitForSingleObject
MultiByteToWideChar
LoadLibraryW
GetFullPathNameA
GetLastError
SetLastError
GetVersion
GetModuleFileNameW
Sleep
GetFileAttributesW
GetCurrentThreadId
GetCurrentProcess
GetModuleHandleW
GetProcAddress
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
DeleteFileA
AreFileApisANSI
GetTempPathA
DeleteFileW
GetVersionExA
OutputDebugStringA
GetFileAttributesExW
GetSystemInfo
GetDiskFreeSpaceA
CreateFileMappingA
LoadLibraryA
GetDiskFreeSpaceW
LockFileEx
HeapSize
GetTempPathW
FlushFileBuffers
HeapValidate
HeapCreate
GetFileAttributesA
HeapDestroy
FormatMessageW
FormatMessageA
GetProcessHeap
UnlockFileEx
WaitForSingleObjectEx
LockFile
FlushViewOfFile
UnlockFile
InterlockedCompareExchange
HeapFree
HeapAlloc
SetEndOfFile
TryEnterCriticalSection
HeapCompact
GetFileSize
CreateFileA
HeapReAlloc
GetFullPathNameW
ExpandEnvironmentStringsW

user32

InvalidateRect
GetFocus
IsWindowVisible
GetWindowRect
IsWindow
SendMessageW
GetWindowRgnBox
EnumChildWindows
GetSysColorBrush
TrackPopupMenu
CallWindowProcW
DestroyMenu
DispatchMessageW
TranslateMessage
PeekMessageW
MsgWaitForMultipleObjects
MessageBoxW
InsertMenuW
CreateMenu
GetMenuItemInfoW
UnionRect
GetMenuBarInfo
CheckMenuItem
EnableMenuItem
ModifyMenuW
GetMenuState
SetWindowTextW
InsertMenuItemW
DrawIconEx
GetSysColor
GetCursor
EnableWindow
SetWindowPos
SetActiveWindow
LoadAcceleratorsW
SetCapture
ReleaseCapture
ClientToScreen
FillRect
SetMenuDefaultItem
GetDlgCtrlID
TranslateAcceleratorW
GetMenuItemID
GetMenuItemCount
GetKeyState
IsZoomed
GetWindow
IsIconic
GetSystemMetrics
GetSubMenu
LoadMenuW
LoadIconW
RegisterClipboardFormatW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
UnregisterHotKey
RegisterHotKey
SetPropW
EnumWindows
PostMessageW
GetPropW
wsprintfW
LoadImageW
DestroyIcon
DrawIcon
GetIconInfo
GrayStringW
DrawTextExW
TabbedTextOutW
MonitorFromPoint
GetMonitorInfoW
MonitorFromRect
SetForegroundWindow
GetLayeredWindowAttributes
PtInRect
GetForegroundWindow
SetRectEmpty
IsRectEmpty
OffsetRect
GetActiveWindow
FrameRect
GetWindowRgn
SetWindowRgn
SetLayeredWindowAttributes
SystemParametersInfoW
TrackMouseEvent
EqualRect
DrawTextW
LoadCursorW
SetCursor
GetParent
CopyRect
SetRect
ReleaseDC
GetDC
RedrawWindow
LoadBitmapW
AppendMenuW
CreatePopupMenu
ScreenToClient
GetCursorPos
GetClientRect
SetTimer
KillTimer
SetWindowLongW
GetWindowLongW

ole32

CoTaskMemAlloc
CLSIDFromString
CoTaskMemFree
CoInitializeEx
CoCreateInstance
CoUninitialize
CoInitialize

Exports

Exports

MatchMask

Sections

.text
Size: 1016KB - Virtual size: 1016KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 185KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
938b7e042bda75e416261e46d0d4873781fd5d53c2ce6c2748b92eeb8a826598.exe
.exe windows:5 windows x86 arch:x86

e8e837d2e90b52e232aba88021bc9c99

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\winapps\5.0\Build\QuickSearch\Release\QuickSearch.pdb

Imports

kernel32

GetEnvironmentVariableA
SetUnhandledExceptionFilter
GetCommandLineW
LocalFree
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
GetComputerNameW
SetFilePointer
ReadFile
GetCurrentProcessId
FreeLibrary
GetVersionExW
GetDiskFreeSpaceExW
GetVolumeInformationW
VerifyVersionInfoW
VerSetConditionMask
LocalFileTimeToFileTime
FindNextFileW
FindClose
FindFirstFileW
GetOverlappedResult
ReadDirectoryChangesW
FileTimeToLocalFileTime
CompareFileTime
FileTimeToSystemTime
CreateFileW
WriteFile
OutputDebugStringW
SetEvent
GetSystemTime
GetSystemTimeAsFileTime
SystemTimeToFileTime
GlobalFree
ResumeThread
DuplicateHandle
QueryPerformanceCounter
QueryPerformanceFrequency
lstrcpyW
GlobalUnlock
GlobalLock
GlobalAlloc
CreateMutexW
GetPrivateProfileStringW
GetLogicalDrives
CloseHandle
GetLongPathNameW
WideCharToMultiByte
lstrlenA
InterlockedExchange
lstrlenW
GetTickCount
TerminateThread
WaitForSingleObject
MultiByteToWideChar
LoadLibraryW
GetFullPathNameA
GetLastError
SetLastError
GetVersion
GetModuleFileNameW
Sleep
GetFileAttributesW
GetCurrentThreadId
GetCurrentProcess
GetModuleHandleW
GetProcAddress
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
DeleteFileA
AreFileApisANSI
GetTempPathA
DeleteFileW
GetVersionExA
OutputDebugStringA
GetFileAttributesExW
GetSystemInfo
GetDiskFreeSpaceA
CreateFileMappingA
LoadLibraryA
GetDiskFreeSpaceW
LockFileEx
HeapSize
GetTempPathW
FlushFileBuffers
HeapValidate
HeapCreate
GetFileAttributesA
HeapDestroy
FormatMessageW
FormatMessageA
GetProcessHeap
UnlockFileEx
WaitForSingleObjectEx
LockFile
FlushViewOfFile
UnlockFile
InterlockedCompareExchange
HeapFree
HeapAlloc
SetEndOfFile
TryEnterCriticalSection
HeapCompact
GetFileSize
CreateFileA
HeapReAlloc
GetFullPathNameW
ExpandEnvironmentStringsW

user32

InvalidateRect
GetFocus
IsWindowVisible
GetWindowRect
IsWindow
SendMessageW
GetWindowRgnBox
EnumChildWindows
GetSysColorBrush
TrackPopupMenu
CallWindowProcW
DestroyMenu
DispatchMessageW
TranslateMessage
PeekMessageW
MsgWaitForMultipleObjects
MessageBoxW
InsertMenuW
CreateMenu
GetMenuItemInfoW
UnionRect
GetMenuBarInfo
CheckMenuItem
EnableMenuItem
ModifyMenuW
GetMenuState
SetWindowTextW
InsertMenuItemW
DrawIconEx
GetSysColor
GetCursor
EnableWindow
SetWindowPos
SetActiveWindow
LoadAcceleratorsW
SetCapture
ReleaseCapture
ClientToScreen
FillRect
SetMenuDefaultItem
GetDlgCtrlID
TranslateAcceleratorW
GetMenuItemID
GetMenuItemCount
GetKeyState
IsZoomed
GetWindow
IsIconic
GetSystemMetrics
GetSubMenu
LoadMenuW
LoadIconW
RegisterClipboardFormatW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
UnregisterHotKey
RegisterHotKey
SetPropW
EnumWindows
PostMessageW
GetPropW
wsprintfW
LoadImageW
DestroyIcon
DrawIcon
GetIconInfo
GrayStringW
DrawTextExW
TabbedTextOutW
MonitorFromPoint
GetMonitorInfoW
MonitorFromRect
SetForegroundWindow
GetLayeredWindowAttributes
PtInRect
GetForegroundWindow
SetRectEmpty
IsRectEmpty
OffsetRect
GetActiveWindow
FrameRect
GetWindowRgn
SetWindowRgn
SetLayeredWindowAttributes
SystemParametersInfoW
TrackMouseEvent
EqualRect
DrawTextW
LoadCursorW
SetCursor
GetParent
CopyRect
SetRect
ReleaseDC
GetDC
RedrawWindow
LoadBitmapW
AppendMenuW
CreatePopupMenu
ScreenToClient
GetCursorPos
GetClientRect
SetTimer
KillTimer
SetWindowLongW
GetWindowLongW

shell32

ord43
ShellExecuteW
SHGetSpecialFolderPathW
SHGetFileInfoW
SHBrowseForFolderW
SHGetPathFromIDListW
Shell_NotifyIconW
ord165
SHGetSpecialFolderLocation
CommandLineToArgvW
ord701
SHGetDesktopFolder
ord716
SHFileOperationW

ole32

CoTaskMemAlloc
CLSIDFromString
CoTaskMemFree
CoInitializeEx
CoCreateInstance
CoUninitialize
CoInitialize

oleaut32

SysFreeString
SysAllocString
VariantInit
VariantClear

Exports

Exports

MatchMask

Sections

.text
Size: 1016KB - Virtual size: 1016KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 185KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 771KB - Virtual size: 770KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
96d1bc7dec91a7a4e5fe653853a504e07d17e898fa437cf75e929fa909dd6bb7.exe
.exe windows:5 windows x86 arch:x86

417c80dfdc5a9cae821cfd89fd8aeffb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\winapps\5.0\Build\QuickSearch\Release\QuickSearch.pdb

Imports

kernel32

GetEnvironmentVariableA
SetUnhandledExceptionFilter
GetCommandLineW
LocalFree
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
GetComputerNameW
SetFilePointer
ReadFile
GetCurrentProcessId
FreeLibrary
GetVersionExW
GetDiskFreeSpaceExW
GetVolumeInformationW
VerifyVersionInfoW
VerSetConditionMask
LocalFileTimeToFileTime
FindNextFileW
FindClose
FindFirstFileW
GetOverlappedResult
ReadDirectoryChangesW
FileTimeToLocalFileTime
CompareFileTime
FileTimeToSystemTime
CreateFileW
WriteFile
OutputDebugStringW
SetEvent
GetSystemTime
GetSystemTimeAsFileTime
SystemTimeToFileTime
GlobalFree
ResumeThread
DuplicateHandle
QueryPerformanceCounter
QueryPerformanceFrequency
lstrcpyW
GlobalUnlock
GlobalLock
GlobalAlloc
CreateMutexW
GetPrivateProfileStringW
GetLogicalDrives
CloseHandle
GetLongPathNameW
WideCharToMultiByte
lstrlenA
InterlockedExchange
lstrlenW
GetTickCount
TerminateThread
WaitForSingleObject
MultiByteToWideChar
LoadLibraryW
GetFullPathNameA
GetLastError
SetLastError
GetVersion
GetModuleFileNameW
Sleep
GetFileAttributesW
GetCurrentThreadId
GetCurrentProcess
GetModuleHandleW
GetProcAddress
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
DeleteFileA
AreFileApisANSI
GetTempPathA
DeleteFileW
GetVersionExA
OutputDebugStringA
GetFileAttributesExW
GetSystemInfo
GetDiskFreeSpaceA
CreateFileMappingA
LoadLibraryA
GetDiskFreeSpaceW
LockFileEx
HeapSize
GetTempPathW
FlushFileBuffers
HeapValidate
HeapCreate
GetFileAttributesA
HeapDestroy
FormatMessageW
FormatMessageA
GetProcessHeap
UnlockFileEx
WaitForSingleObjectEx
LockFile
FlushViewOfFile
UnlockFile
InterlockedCompareExchange
HeapFree
HeapAlloc
SetEndOfFile
TryEnterCriticalSection
HeapCompact
GetFileSize
CreateFileA
HeapReAlloc
GetFullPathNameW
ExpandEnvironmentStringsW

user32

InvalidateRect
GetFocus
IsWindowVisible
GetWindowRect
IsWindow
SendMessageW
GetWindowRgnBox
EnumChildWindows
GetSysColorBrush
TrackPopupMenu
CallWindowProcW
DestroyMenu
DispatchMessageW
TranslateMessage
PeekMessageW
MsgWaitForMultipleObjects
MessageBoxW
InsertMenuW
CreateMenu
GetMenuItemInfoW
UnionRect
GetMenuBarInfo
CheckMenuItem
EnableMenuItem
ModifyMenuW
GetMenuState
SetWindowTextW
InsertMenuItemW
DrawIconEx
GetSysColor
GetCursor
EnableWindow
SetWindowPos
SetActiveWindow
LoadAcceleratorsW
SetCapture
ReleaseCapture
ClientToScreen
FillRect
SetMenuDefaultItem
GetDlgCtrlID
TranslateAcceleratorW
GetMenuItemID
GetMenuItemCount
GetKeyState
IsZoomed
GetWindow
IsIconic
GetSystemMetrics
GetSubMenu
LoadMenuW
LoadIconW
RegisterClipboardFormatW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
UnregisterHotKey
RegisterHotKey
SetPropW
EnumWindows
PostMessageW
GetPropW
wsprintfW
LoadImageW
DestroyIcon
DrawIcon
GetIconInfo
GrayStringW
DrawTextExW
TabbedTextOutW
MonitorFromPoint
GetMonitorInfoW
MonitorFromRect
SetForegroundWindow
GetLayeredWindowAttributes
PtInRect
GetForegroundWindow
SetRectEmpty
IsRectEmpty
OffsetRect
GetActiveWindow
FrameRect
GetWindowRgn
SetWindowRgn
SetLayeredWindowAttributes
SystemParametersInfoW
TrackMouseEvent
EqualRect
DrawTextW
LoadCursorW
SetCursor
GetParent
CopyRect
SetRect
ReleaseDC
GetDC
RedrawWindow
LoadBitmapW
AppendMenuW
CreatePopupMenu
ScreenToClient
GetCursorPos
GetClientRect
SetTimer
KillTimer
SetWindowLongW
GetWindowLongW

ole32

CoTaskMemAlloc
CLSIDFromString
CoTaskMemFree
CoInitializeEx
CoCreateInstance
CoUninitialize
CoInitialize

Exports

Exports

MatchMask

Sections

.text
Size: 1016KB - Virtual size: 1016KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 185KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 754KB - Virtual size: 754KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Built.exe
.exe windows:6 windows x64 arch:x64

456e8615ad4320c9f54e50319a19df9c

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-05-2021 00:00

Not After

31-12-2028 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:d7:08:a8:91:40:53:19:e2:a5:bb:d3:39:b9:ad:6e
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22-03-2021 00:00

Not After

21-03-2036 23:59

Subject

CN=Sectigo Public Code Signing CA EV R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

bf:b1:50:01:bb:f5:92:d4:96:2a:77:97:ea:73:6f:a3
Certificate

Issuer

CN=Sectigo Public Code Signing CA EV R36,O=Sectigo Limited,C=GB

Not Before

29-09-2021 00:00

Not After

28-09-2024 23:59

Subject

SERIALNUMBER=407950,CN=Akeo Consulting,O=Akeo Consulting,ST=Donegal,C=IE,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024945

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12-01-2016 00:00

Not After

11-01-2031 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23-12-2017 00:00

Not After

22-03-2029 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

44:06:5b:e5:1c:09:03:a4:f9:aa:3e:fb:5f:15:73:59:c5:9d:52:19:ad:35:c0:49:44:4e:a4:a5:8d:4e:65:5d
Signer

Actual PE Digest

44:06:5b:e5:1c:09:03:a4:f9:aa:3e:fb:5f:15:73:59:c5:9d:52:19:ad:35:c0:49:44:4e:a4:a5:8d:4e:65:5d

Digest Algorithm

sha256

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

user32

CreateWindowExW
PostMessageW
GetMessageW
MessageBoxW
MessageBoxA
SystemParametersInfoW
DestroyIcon
SetWindowLongPtrW
GetWindowLongPtrW
GetClientRect
InvalidateRect
ReleaseDC
GetDC
DrawTextW
GetDialogBaseUnits
EndDialog
DialogBoxIndirectParamW
MoveWindow
SendMessageW

comctl32

ord380

kernel32

GetACP
IsValidCodePage
GetStringTypeW
GetFileAttributesExW
SetEnvironmentVariableW
FlushFileBuffers
GetCurrentDirectoryW
GetOEMCP
GetCPInfo
GetModuleHandleW
MulDiv
GetLastError
FormatMessageW
GetModuleFileNameW
SetDllDirectoryW
CreateSymbolicLinkW
GetProcAddress
CreateDirectoryW
GetCommandLineW
GetEnvironmentVariableW
ExpandEnvironmentStringsW
GetEnvironmentStringsW
FindClose
FindFirstFileW
FindNextFileW
GetDriveTypeW
RemoveDirectoryW
GetTempPathW
CloseHandle
WaitForSingleObject
Sleep
GetCurrentProcess
GetExitCodeProcess
CreateProcessW
GetStartupInfoW
FreeLibrary
LoadLibraryExW
LocalFree
SetConsoleCtrlHandler
K32EnumProcessModules
K32GetModuleFileNameExW
CreateFileW
FindFirstFileExW
GetFinalPathNameByHandleW
MultiByteToWideChar
WideCharToMultiByte
FreeEnvironmentStringsW
GetProcessHeap
GetTimeZoneInformation
HeapSize
HeapReAlloc
WriteConsoleW
SetEndOfFile
DeleteFileW
IsProcessorFeaturePresent
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
RtlUnwindEx
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
EncodePointer
RaiseException
RtlPcToFileHeader
GetCommandLineA
GetFileInformationByHandle
GetFileType
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
ReadFile
GetFullPathNameW
SetStdHandle
GetStdHandle
WriteFile
ExitProcess
GetModuleHandleExW
HeapFree
GetConsoleMode
ReadConsoleW
SetFilePointerEx
GetConsoleOutputCP
GetFileSizeEx
HeapAlloc
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
CompareStringW
LCMapStringW

advapi32

OpenProcessToken
GetTokenInformation
ConvertStringSecurityDescriptorToSecurityDescriptorW
ConvertSidToStringSidW

gdi32

SelectObject
DeleteObject
CreateFontIndirectW

Sections

.text
Size: 165KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
1�L�iŚ.pyc
DHL_PT563857935689275783656385FV-GDS3535353.bat
DTLite.exe
.exe windows:5 windows x86 arch:x86

4f8bf7b275c4aa8b55735ab2c9f76fc4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\winapps\5.0\Build\QuickSearch\Release\QuickSearch.pdb

Imports

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

kernel32

GetEnvironmentVariableA
SetUnhandledExceptionFilter
GetCommandLineW
LocalFree
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
GetComputerNameW
SetFilePointer
ReadFile
GetCurrentProcessId
FreeLibrary
GetVersionExW
GetDiskFreeSpaceExW
GetVolumeInformationW
VerifyVersionInfoW
VerSetConditionMask
LocalFileTimeToFileTime
FindNextFileW
FindClose
FindFirstFileW
GetOverlappedResult
ReadDirectoryChangesW
FileTimeToLocalFileTime
CompareFileTime
FileTimeToSystemTime
CreateFileW
WriteFile
OutputDebugStringW
SetEvent
GetSystemTime
GetSystemTimeAsFileTime
SystemTimeToFileTime
GlobalFree
ResumeThread
DuplicateHandle
QueryPerformanceCounter
QueryPerformanceFrequency
lstrcpyW
GlobalUnlock
GlobalLock
GlobalAlloc
CreateMutexW
GetPrivateProfileStringW
GetLogicalDrives
CloseHandle
GetLongPathNameW
WideCharToMultiByte
lstrlenA
InterlockedExchange
lstrlenW
GetTickCount
TerminateThread
WaitForSingleObject
MultiByteToWideChar
LoadLibraryW
GetFullPathNameA
GetLastError
SetLastError
GetVersion
GetModuleFileNameW
Sleep
GetFileAttributesW
GetCurrentThreadId
GetCurrentProcess
GetModuleHandleW
GetProcAddress
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
DeleteFileA
AreFileApisANSI
GetTempPathA
DeleteFileW
GetVersionExA
OutputDebugStringA
GetFileAttributesExW
GetSystemInfo
GetDiskFreeSpaceA
CreateFileMappingA
LoadLibraryA
GetDiskFreeSpaceW
LockFileEx
HeapSize
GetTempPathW
FlushFileBuffers
HeapValidate
HeapCreate
GetFileAttributesA
HeapDestroy
FormatMessageW
FormatMessageA
GetProcessHeap
UnlockFileEx
WaitForSingleObjectEx
LockFile
FlushViewOfFile
UnlockFile
InterlockedCompareExchange
HeapFree
HeapAlloc
SetEndOfFile
TryEnterCriticalSection
HeapCompact
GetFileSize
CreateFileA
HeapReAlloc
GetFullPathNameW
ExpandEnvironmentStringsW

user32

InvalidateRect
GetFocus
IsWindowVisible
GetWindowRect
IsWindow
SendMessageW
GetWindowRgnBox
EnumChildWindows
GetSysColorBrush
TrackPopupMenu
CallWindowProcW
DestroyMenu
DispatchMessageW
TranslateMessage
PeekMessageW
MsgWaitForMultipleObjects
MessageBoxW
InsertMenuW
CreateMenu
GetMenuItemInfoW
UnionRect
GetMenuBarInfo
CheckMenuItem
EnableMenuItem
ModifyMenuW
GetMenuState
SetWindowTextW
InsertMenuItemW
DrawIconEx
GetSysColor
GetCursor
EnableWindow
SetWindowPos
SetActiveWindow
LoadAcceleratorsW
SetCapture
ReleaseCapture
ClientToScreen
FillRect
SetMenuDefaultItem
GetDlgCtrlID
TranslateAcceleratorW
GetMenuItemID
GetMenuItemCount
GetKeyState
IsZoomed
GetWindow
IsIconic
GetSystemMetrics
GetSubMenu
LoadMenuW
LoadIconW
RegisterClipboardFormatW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
UnregisterHotKey
RegisterHotKey
SetPropW
EnumWindows
PostMessageW
GetPropW
wsprintfW
LoadImageW
DestroyIcon
DrawIcon
GetIconInfo
GrayStringW
DrawTextExW
TabbedTextOutW
MonitorFromPoint
GetMonitorInfoW
MonitorFromRect
SetForegroundWindow
GetLayeredWindowAttributes
PtInRect
GetForegroundWindow
SetRectEmpty
IsRectEmpty
OffsetRect
GetActiveWindow
FrameRect
GetWindowRgn
SetWindowRgn
SetLayeredWindowAttributes
SystemParametersInfoW
TrackMouseEvent
EqualRect
DrawTextW
LoadCursorW
SetCursor
GetParent
CopyRect
SetRect
ReleaseDC
GetDC
RedrawWindow
LoadBitmapW
AppendMenuW
CreatePopupMenu
ScreenToClient
GetCursorPos
GetClientRect
SetTimer
KillTimer
SetWindowLongW
GetWindowLongW

gdi32

GetBitmapDimensionEx
GetMapMode
LPtoDP
SetBitmapDimensionEx
GetBkMode
CreateFontIndirectW
CreateSolidBrush
Escape
ExtTextOutW
FillRgn
DPtoLP
SetBrushOrgEx
CreatePatternBrush
CreatePen
GetCurrentObject
CreateFontW
GetDeviceCaps
FillPath
EndPath
BeginPath
GetBkColor
RectVisible
FrameRgn
CreateRoundRectRgn
TextOutW
GetDIBColorTable
StretchBlt
GetObjectW
SetDIBColorTable
DeleteObject
CreateDIBSection
DeleteDC
GetTextExtentPoint32W
CreateCompatibleBitmap
SelectObject
BitBlt
PtVisible
CreateCompatibleDC

advapi32

RegEnumKeyW
RegOpenKeyW
GetUserNameW
StartServiceW
QueryServiceStatus
CloseServiceHandle
OpenServiceW
OpenSCManagerW
RegQueryInfoKeyW
RegQueryValueExW
RegEnumKeyExW
RegNotifyChangeKeyValue
RegOpenKeyExW
RegEnumValueW
RegSetValueExW
RegCloseKey

shell32

ord43
ShellExecuteW
SHGetSpecialFolderPathW
SHGetFileInfoW
SHBrowseForFolderW
SHGetPathFromIDListW
Shell_NotifyIconW
ord165
SHGetSpecialFolderLocation
CommandLineToArgvW
ord701
SHGetDesktopFolder
ord716
SHFileOperationW

comctl32

InitCommonControlsEx
FlatSB_EnableScrollBar
_TrackMouseEvent

shlwapi

PathIsDirectoryW
StrFormatByteSizeW
SHGetValueW
SHSetValueW
PathIsNetworkPathW
PathFindExtensionW
StrFormatKBSizeW
ord354
PathFileExistsW

ole32

CoTaskMemAlloc
CLSIDFromString
CoTaskMemFree
CoInitializeEx
CoCreateInstance
CoUninitialize
CoInitialize

oleaut32

SysFreeString
SysAllocString
VariantInit
VariantClear

Exports

Exports

MatchMask

Sections

.text
Size: 1016KB - Virtual size: 1015KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 185KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 816KB - Virtual size: 815KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PDF.FaturaDetay_202407.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 145KB - Virtual size: 145KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PDF.exe
.exe windows:4 windows x64 arch:x64

7182b1ea6f92adbf459a2c65d8d4dd9e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

msvcrt

memset
wcsncmp
memmove
wcsncpy
wcsstr
_wcsnicmp
_wcsdup
free
_wcsicmp
wcslen
wcscpy
wcscmp
memcpy
tolower
wcscat
malloc

kernel32

GetModuleHandleW
HeapCreate
GetStdHandle
HeapDestroy
ExitProcess
WriteFile
GetTempFileNameW
LoadLibraryExW
EnumResourceTypesW
FreeLibrary
RemoveDirectoryW
GetExitCodeProcess
EnumResourceNamesW
GetCommandLineW
LoadResource
SizeofResource
FreeResource
FindResourceW
GetShortPathNameW
GetSystemDirectoryW
EnterCriticalSection
CloseHandle
LeaveCriticalSection
InitializeCriticalSection
WaitForSingleObject
TerminateThread
CreateThread
Sleep
WideCharToMultiByte
HeapAlloc
HeapFree
LoadLibraryW
GetProcAddress
GetCurrentProcessId
GetCurrentThreadId
GetModuleFileNameW
GetEnvironmentVariableW
SetEnvironmentVariableW
GetCurrentProcess
TerminateProcess
RtlLookupFunctionEntry
RtlVirtualUnwind
RemoveVectoredExceptionHandler
AddVectoredExceptionHandler
HeapSize
MultiByteToWideChar
CreateDirectoryW
SetFileAttributesW
GetTempPathW
DeleteFileW
GetCurrentDirectoryW
SetCurrentDirectoryW
CreateFileW
SetFilePointer
TlsFree
TlsGetValue
TlsSetValue
TlsAlloc
HeapReAlloc
DeleteCriticalSection
GetLastError
SetLastError
UnregisterWait
GetCurrentThread
DuplicateHandle
RegisterWaitForSingleObject

shell32

ShellExecuteExW
SHGetFolderLocation
SHGetPathFromIDListW

winmm

timeBeginPeriod

ole32

CoInitialize
CoTaskMemFree

shlwapi

PathAddBackslashW
PathRenameExtensionW
PathQuoteSpacesW
PathRemoveArgsW
PathRemoveBackslashW

user32

CharUpperW
CharLowerW
MessageBoxW
DefWindowProcW
GetWindowLongPtrW
GetWindowTextLengthW
GetWindowTextW
EnableWindow
DestroyWindow
UnregisterClassW
LoadIconW
LoadCursorW
RegisterClassExW
IsWindowEnabled
GetSystemMetrics
CreateWindowExW
SetWindowLongPtrW
SendMessageW
SetFocus
CreateAcceleratorTableW
SetForegroundWindow
BringWindowToTop
GetMessageW
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
DestroyAcceleratorTable
PostMessageW
GetForegroundWindow
GetWindowThreadProcessId
IsWindowVisible
EnumWindows
SetWindowPos

gdi32

GetStockObject

comctl32

InitCommonControlsEx

Sections

.code
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
SIP.03746.XSLSX.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 145KB - Virtual size: 145KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
a33245a27c02bbb72bf66f6bf1c960affefa8ed2a096dc1d6faa6699fe81c48a.exe
.exe windows:5 windows x86 arch:x86

e8e837d2e90b52e232aba88021bc9c99

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\winapps\5.0\Build\QuickSearch\Release\QuickSearch.pdb

Imports

kernel32

GetEnvironmentVariableA
SetUnhandledExceptionFilter
GetCommandLineW
LocalFree
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
GetComputerNameW
SetFilePointer
ReadFile
GetCurrentProcessId
FreeLibrary
GetVersionExW
GetDiskFreeSpaceExW
GetVolumeInformationW
VerifyVersionInfoW
VerSetConditionMask
LocalFileTimeToFileTime
FindNextFileW
FindClose
FindFirstFileW
GetOverlappedResult
ReadDirectoryChangesW
FileTimeToLocalFileTime
CompareFileTime
FileTimeToSystemTime
CreateFileW
WriteFile
OutputDebugStringW
SetEvent
GetSystemTime
GetSystemTimeAsFileTime
SystemTimeToFileTime
GlobalFree
ResumeThread
DuplicateHandle
QueryPerformanceCounter
QueryPerformanceFrequency
lstrcpyW
GlobalUnlock
GlobalLock
GlobalAlloc
CreateMutexW
GetPrivateProfileStringW
GetLogicalDrives
CloseHandle
GetLongPathNameW
WideCharToMultiByte
lstrlenA
InterlockedExchange
lstrlenW
GetTickCount
TerminateThread
WaitForSingleObject
MultiByteToWideChar
LoadLibraryW
GetFullPathNameA
GetLastError
SetLastError
GetVersion
GetModuleFileNameW
Sleep
GetFileAttributesW
GetCurrentThreadId
GetCurrentProcess
GetModuleHandleW
GetProcAddress
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
DeleteFileA
AreFileApisANSI
GetTempPathA
DeleteFileW
GetVersionExA
OutputDebugStringA
GetFileAttributesExW
GetSystemInfo
GetDiskFreeSpaceA
CreateFileMappingA
LoadLibraryA
GetDiskFreeSpaceW
LockFileEx
HeapSize
GetTempPathW
FlushFileBuffers
HeapValidate
HeapCreate
GetFileAttributesA
HeapDestroy
FormatMessageW
FormatMessageA
GetProcessHeap
UnlockFileEx
WaitForSingleObjectEx
LockFile
FlushViewOfFile
UnlockFile
InterlockedCompareExchange
HeapFree
HeapAlloc
SetEndOfFile
TryEnterCriticalSection
HeapCompact
GetFileSize
CreateFileA
HeapReAlloc
GetFullPathNameW
ExpandEnvironmentStringsW

user32

InvalidateRect
GetFocus
IsWindowVisible
GetWindowRect
IsWindow
SendMessageW
GetWindowRgnBox
EnumChildWindows
GetSysColorBrush
TrackPopupMenu
CallWindowProcW
DestroyMenu
DispatchMessageW
TranslateMessage
PeekMessageW
MsgWaitForMultipleObjects
MessageBoxW
InsertMenuW
CreateMenu
GetMenuItemInfoW
UnionRect
GetMenuBarInfo
CheckMenuItem
EnableMenuItem
ModifyMenuW
GetMenuState
SetWindowTextW
InsertMenuItemW
DrawIconEx
GetSysColor
GetCursor
EnableWindow
SetWindowPos
SetActiveWindow
LoadAcceleratorsW
SetCapture
ReleaseCapture
ClientToScreen
FillRect
SetMenuDefaultItem
GetDlgCtrlID
TranslateAcceleratorW
GetMenuItemID
GetMenuItemCount
GetKeyState
IsZoomed
GetWindow
IsIconic
GetSystemMetrics
GetSubMenu
LoadMenuW
LoadIconW
RegisterClipboardFormatW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
UnregisterHotKey
RegisterHotKey
SetPropW
EnumWindows
PostMessageW
GetPropW
wsprintfW
LoadImageW
DestroyIcon
DrawIcon
GetIconInfo
GrayStringW
DrawTextExW
TabbedTextOutW
MonitorFromPoint
GetMonitorInfoW
MonitorFromRect
SetForegroundWindow
GetLayeredWindowAttributes
PtInRect
GetForegroundWindow
SetRectEmpty
IsRectEmpty
OffsetRect
GetActiveWindow
FrameRect
GetWindowRgn
SetWindowRgn
SetLayeredWindowAttributes
SystemParametersInfoW
TrackMouseEvent
EqualRect
DrawTextW
LoadCursorW
SetCursor
GetParent
CopyRect
SetRect
ReleaseDC
GetDC
RedrawWindow
LoadBitmapW
AppendMenuW
CreatePopupMenu
ScreenToClient
GetCursorPos
GetClientRect
SetTimer
KillTimer
SetWindowLongW
GetWindowLongW

shell32

ord43
ShellExecuteW
SHGetSpecialFolderPathW
SHGetFileInfoW
SHBrowseForFolderW
SHGetPathFromIDListW
Shell_NotifyIconW
ord165
SHGetSpecialFolderLocation
CommandLineToArgvW
ord701
SHGetDesktopFolder
ord716
SHFileOperationW

ole32

CoTaskMemAlloc
CLSIDFromString
CoTaskMemFree
CoInitializeEx
CoCreateInstance
CoUninitialize
CoInitialize

oleaut32

SysFreeString
SysAllocString
VariantInit
VariantClear

Exports

Exports

MatchMask

Sections

.text
Size: 1016KB - Virtual size: 1016KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 185KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 771KB - Virtual size: 771KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
arwbjuh.exe
.exe windows:5 windows x86 arch:x86

3e14c881bae1a3bb325eea058df0a11c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadStringPtrW
SetEndOfFile
LocalCompact
CreateHardLinkA
GetModuleHandleW
EnumResourceTypesA
LoadLibraryW
ReadConsoleInputA
IsBadCodePtr
CreateEventA
GetACP
GlobalUnlock
GetLastError
SetLastError
GetProcAddress
AttachConsole
CreateJobSet
LoadLibraryA
FindResourceA
AddAtomW
GetModuleFileNameA
EnumResourceNamesA
GetFileTime
ReleaseMutex
GetDiskFreeSpaceExW
TerminateJobObject
GetWindowsDirectoryW
CheckRemoteDebuggerPresent
CloseHandle
CreateFileW
FlushFileBuffers
GetStringTypeW
LCMapStringW
LocalAlloc
CreateFileA
WriteConsoleW
SetStdHandle
HeapAlloc
ExitProcess
DecodePointer
GetCommandLineA
HeapSetInformation
GetStartupInfoW
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
TerminateProcess
GetCurrentProcess
HeapFree
WriteFile
GetStdHandle
GetModuleFileNameW
HeapCreate
ReadFile
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
GetCurrentThreadId
InterlockedDecrement
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
Sleep
SetFilePointer
GetConsoleCP
GetConsoleMode
GetCPInfo
GetOEMCP
IsValidCodePage
MultiByteToWideChar
RtlUnwind
HeapSize
HeapReAlloc
RaiseException

user32

GetMessageTime
GetKeyboardLayout
CharUpperBuffA
SetCursorPos
LoadMenuW
GetCaretPos
GetSysColorBrush
GetSystemMetrics

advapi32

ClearEventLogW

ole32

CoUnmarshalHresult

Sections

.text
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 147KB - Virtual size: 28.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
bjutbht.exe
.exe windows:5 windows x86 arch:x86

7cfb8286d8c232c7967a74ce74b78e07

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalCompact
CreateHardLinkA
GetModuleHandleW
EnumResourceTypesA
LoadLibraryW
ReadConsoleInputA
IsBadCodePtr
CreateEventA
GetACP
GlobalUnlock
GetLastError
SetLastError
GetProcAddress
AttachConsole
CreateJobSet
LoadLibraryA
LocalAlloc
SetEndOfFile
GetModuleFileNameA
EnumResourceNamesA
GetFileTime
ReleaseMutex
GetDiskFreeSpaceExW
TerminateJobObject
GetWindowsDirectoryW
CheckRemoteDebuggerPresent
CloseHandle
CreateFileW
FlushFileBuffers
GetStringTypeW
LCMapStringW
FindResourceA
IsBadStringPtrW
AddAtomW
CreateFileA
WriteConsoleW
SetStdHandle
HeapAlloc
ExitProcess
DecodePointer
GetCommandLineA
HeapSetInformation
GetStartupInfoW
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
TerminateProcess
GetCurrentProcess
HeapFree
WriteFile
GetStdHandle
GetModuleFileNameW
HeapCreate
ReadFile
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
GetCurrentThreadId
InterlockedDecrement
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
Sleep
SetFilePointer
GetConsoleCP
GetConsoleMode
GetCPInfo
GetOEMCP
IsValidCodePage
MultiByteToWideChar
RtlUnwind
HeapSize
HeapReAlloc
RaiseException

user32

GetMessageTime
GetKeyboardLayout
CharUpperBuffA
SetCursorPos
LoadMenuW
GetCaretPos
GetSysColorBrush
GetSystemMetrics

gdi32

GetCharWidthW

advapi32

ClearEventLogW

ole32

CoUnmarshalHresult

Sections

.text
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 147KB - Virtual size: 28.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
black.bat
borlndmm.dll
.dll windows:5 windows x86 arch:x86

dd6ba004004c70f4eb3bbd4c9ec97b28

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

AdobePIM.pdb

Imports

msi

ord147
ord74
ord145

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

psapi

GetModuleFileNameExW
GetProcessImageFileNameW
EnumProcessModules

wtsapi32

WTSEnumerateSessionsW
WTSFreeMemory

shlwapi

PathIsFileSpecW
PathAddExtensionW
PathRemoveFileSpecA
PathIsDirectoryA
PathIsDirectoryEmptyW
PathIsSystemFolderW
PathIsRootW
PathRenameExtensionW
PathIsDirectoryW
PathAppendW
PathRemoveBackslashW
PathStripPathW
PathAppendA
PathFileExistsW
PathFindFileNameW
PathRemoveFileSpecW
PathFileExistsA
PathRemoveExtensionW

shell32

ShellExecuteExW
SHCreateDirectoryExW
SHGetFolderLocation
SHGetSpecialFolderPathW
SHGetKnownFolderPath
SHGetPathFromIDListW
SHGetFolderPathW
ord680
CommandLineToArgvW
ord51
SHCreateItemFromParsingName

winhttp

WinHttpOpen
WinHttpReceiveResponse
WinHttpSetTimeouts
WinHttpQueryHeaders
WinHttpQueryAuthSchemes
WinHttpGetProxyForUrl
WinHttpGetIEProxyConfigForCurrentUser
WinHttpSetCredentials
WinHttpSendRequest
WinHttpOpenRequest
WinHttpCloseHandle
WinHttpConnect
WinHttpReadData
WinHttpQueryDataAvailable
WinHttpSetOption

kernel32

TlsFree
TlsSetValue
TlsGetValue
CompareStringW
SwitchToThread
InitializeCriticalSectionAndSpinCount
GetStringTypeW
EncodePointer
TlsAlloc
GetLocaleInfoW
GetCPInfo
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
InitializeSListHead
GetStartupInfoW
RtlUnwind
InterlockedPushEntrySList
InterlockedFlushSList
LoadLibraryExW
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
GetTimeZoneInformation
ExitProcess
GetStdHandle
GetFileType
IsValidLocale
EnumSystemLocalesW
GetConsoleMode
ReadConsoleW
GetConsoleCP
FindFirstFileExW
IsValidCodePage
GetOEMCP
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
InitializeCriticalSectionEx
GetLastError
RaiseException
DecodePointer
DeleteCriticalSection
ReleaseSemaphore
CreateMutexW
WaitForSingleObject
LocalAlloc
ReleaseMutex
Sleep
OpenSemaphoreW
CloseHandle
LocalFree
GetCurrentProcessId
CreateSemaphoreW
CreateDirectoryW
GetTempPathW
MultiByteToWideChar
SetEvent
ResetEvent
GetCommandLineW
CreateProcessW
GetLocalTime
GetTimeFormatW
GetDateFormatW
OpenProcess
CreateToolhelp32Snapshot
Process32NextW
Process32FirstW
FindFirstFileW
FindNextFileW
TerminateProcess
RemoveDirectoryW
FindClose
SetEnvironmentVariableW
SetFileAttributesW
CreateEventW
GetDiskFreeSpaceExW
CreateThread
CopyFileW
lstrcmpiW
lstrcmpW
GetExitCodeProcess
AreFileApisANSI
ReadFile
TryEnterCriticalSection
HeapCreate
HeapFree
EnterCriticalSection
GetFullPathNameW
WriteFile
GetDiskFreeSpaceW
OutputDebugStringA
LockFile
LeaveCriticalSection
InitializeCriticalSection
SetFilePointer
GetFullPathNameA
SetEndOfFile
UnlockFileEx
CreateFileW
GetFileAttributesW
GetCurrentThreadId
UnmapViewOfFile
HeapValidate
HeapSize
GetTempPathA
FormatMessageW
GetDiskFreeSpaceA
GetFileAttributesA
GetFileAttributesExW
OutputDebugStringW
FlushViewOfFile
CreateFileA
LoadLibraryA
WaitForSingleObjectEx
GetVersionExA
DeleteFileA
DeleteFileW
HeapReAlloc
GetSystemInfo
LoadLibraryW
HeapAlloc
HeapCompact
HeapDestroy
UnlockFile
GetProcAddress
CreateFileMappingA
LockFileEx
GetFileSize
GetProcessHeap
SystemTimeToFileTime
FreeLibrary
WideCharToMultiByte
GetSystemTimeAsFileTime
GetSystemTime
FormatMessageA
MapViewOfFile
QueryPerformanceCounter
GetTickCount
FlushFileBuffers
GetCurrentProcess
GetFileSizeEx
lstrlenW
GetACP
SizeofResource
GetModuleFileNameW
LockResource
LoadResource
FindResourceW
MoveFileExW
GlobalAlloc
GlobalFree
VerSetConditionMask
GetModuleHandleW
VerifyVersionInfoW
SetLastError
DuplicateHandle
ProcessIdToSessionId
TerminateThread
FindResourceExW
lstrcpyW
QueryFullProcessImageNameW
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
GetFileTime
FileTimeToSystemTime
OpenMutexW
GetUserDefaultLCID
LCMapStringW
GetUserDefaultLangID
GetUserDefaultUILanguage
SetFilePointerEx
ResumeThread
SetStdHandle
WriteConsoleW
QueryPerformanceFrequency
GetVersionExW
CreateFileMappingW

user32

wsprintfW
EnumWindows
GetWindowThreadProcessId
GetShellWindow

advapi32

InitializeSecurityDescriptor
SetEntriesInAclW
AllocateAndInitializeSid
SetSecurityDescriptorDacl
RegQueryValueExW
FreeSid
RegDeleteValueW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegDeleteKeyExW
RegCloseKey
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueW
GetNamedSecurityInfoW
SetNamedSecurityInfoW
LookupAccountSidW
CreateWellKnownSid
EqualSid
GetTokenInformation
DuplicateTokenEx
GetUserNameW
ConvertSidToStringSidW
ImpersonateLoggedOnUser
ConvertStringSidToSidW
RevertToSelf
CryptReleaseContext
CryptGetHashParam
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptAcquireContextW

ole32

CoUninitialize
CoCreateInstance
CoInitializeEx
CoTaskMemFree
CoInitialize
CoCreateGuid
StringFromGUID2
CLSIDFromProgID
OleRun
CLSIDFromString

oleaut32

SysStringLen
VariantChangeType
VariantInit
SysFreeString
SysAllocString
VariantClear
VariantCopy
GetErrorInfo

crypt32

CertGetNameStringW

wintrust

WinVerifyTrust
WTHelperGetProvCertFromChain
WTHelperProvDataFromStateData
WTHelperGetProvSignerFromChain

Exports

Exports

AAMIU_Uninstall
@Borlndmm@SysGetMem$qqri
@Borlndmm@SysGetMem$qqri
@Borlndmm@SysGetMem$
pim_freeLibraryRef
pim_freeLiraryRef
pim_freeString
pim_getAppletAndPackageInfo
pim_getAppletRegistrationInfo
pim_getAppletRelationshipInfo
pim_getCurrentCCVersion
pim_getCurrentPackagesVersion
pim_getInstallStatus
pim_getInstalledPackagesInfo
@Borlndmm@SysGetMem$qqri
pim_selfUpdateCheck
pim_selfUpdateCheckWithData
pim_startWorkflow
pim_startWorkflowWithData
pim_syncFromPathToACF
pim_syncFromPathToPath
pim_syncUSFToACF
pim_uninstallAAMFromAAMCleanerTool
pim_uninstallAAMUsingAAMCleanerTool
pim_uninstallACCC64FromACCCCleanerTool
pim_uninstallACCCFromACCCCleanerTool
pim_uninstallADC64UsingADCCleanerTool
pim_uninstallADCUsingADCCleanerTool

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 356KB - Virtual size: 360KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 871KB - Virtual size: 870KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ccleaner.exe
.exe windows:5 windows x86 arch:x86

e8e837d2e90b52e232aba88021bc9c99

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\winapps\5.0\Build\QuickSearch\Release\QuickSearch.pdb

Imports

kernel32

GetEnvironmentVariableA
SetUnhandledExceptionFilter
GetCommandLineW
LocalFree
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
GetComputerNameW
SetFilePointer
ReadFile
GetCurrentProcessId
FreeLibrary
GetVersionExW
GetDiskFreeSpaceExW
GetVolumeInformationW
VerifyVersionInfoW
VerSetConditionMask
LocalFileTimeToFileTime
FindNextFileW
FindClose
FindFirstFileW
GetOverlappedResult
ReadDirectoryChangesW
FileTimeToLocalFileTime
CompareFileTime
FileTimeToSystemTime
CreateFileW
WriteFile
OutputDebugStringW
SetEvent
GetSystemTime
GetSystemTimeAsFileTime
SystemTimeToFileTime
GlobalFree
ResumeThread
DuplicateHandle
QueryPerformanceCounter
QueryPerformanceFrequency
lstrcpyW
GlobalUnlock
GlobalLock
GlobalAlloc
CreateMutexW
GetPrivateProfileStringW
GetLogicalDrives
CloseHandle
GetLongPathNameW
WideCharToMultiByte
lstrlenA
InterlockedExchange
lstrlenW
GetTickCount
TerminateThread
WaitForSingleObject
MultiByteToWideChar
LoadLibraryW
GetFullPathNameA
GetLastError
SetLastError
GetVersion
GetModuleFileNameW
Sleep
GetFileAttributesW
GetCurrentThreadId
GetCurrentProcess
GetModuleHandleW
GetProcAddress
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
DeleteFileA
AreFileApisANSI
GetTempPathA
DeleteFileW
GetVersionExA
OutputDebugStringA
GetFileAttributesExW
GetSystemInfo
GetDiskFreeSpaceA
CreateFileMappingA
LoadLibraryA
GetDiskFreeSpaceW
LockFileEx
HeapSize
GetTempPathW
FlushFileBuffers
HeapValidate
HeapCreate
GetFileAttributesA
HeapDestroy
FormatMessageW
FormatMessageA
GetProcessHeap
UnlockFileEx
WaitForSingleObjectEx
LockFile
FlushViewOfFile
UnlockFile
InterlockedCompareExchange
HeapFree
HeapAlloc
SetEndOfFile
TryEnterCriticalSection
HeapCompact
GetFileSize
CreateFileA
HeapReAlloc
GetFullPathNameW
ExpandEnvironmentStringsW

user32

InvalidateRect
GetFocus
IsWindowVisible
GetWindowRect
IsWindow
SendMessageW
GetWindowRgnBox
EnumChildWindows
GetSysColorBrush
TrackPopupMenu
CallWindowProcW
DestroyMenu
DispatchMessageW
TranslateMessage
PeekMessageW
MsgWaitForMultipleObjects
MessageBoxW
InsertMenuW
CreateMenu
GetMenuItemInfoW
UnionRect
GetMenuBarInfo
CheckMenuItem
EnableMenuItem
ModifyMenuW
GetMenuState
SetWindowTextW
InsertMenuItemW
DrawIconEx
GetSysColor
GetCursor
EnableWindow
SetWindowPos
SetActiveWindow
LoadAcceleratorsW
SetCapture
ReleaseCapture
ClientToScreen
FillRect
SetMenuDefaultItem
GetDlgCtrlID
TranslateAcceleratorW
GetMenuItemID
GetMenuItemCount
GetKeyState
IsZoomed
GetWindow
IsIconic
GetSystemMetrics
GetSubMenu
LoadMenuW
LoadIconW
RegisterClipboardFormatW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
UnregisterHotKey
RegisterHotKey
SetPropW
EnumWindows
PostMessageW
GetPropW
wsprintfW
LoadImageW
DestroyIcon
DrawIcon
GetIconInfo
GrayStringW
DrawTextExW
TabbedTextOutW
MonitorFromPoint
GetMonitorInfoW
MonitorFromRect
SetForegroundWindow
GetLayeredWindowAttributes
PtInRect
GetForegroundWindow
SetRectEmpty
IsRectEmpty
OffsetRect
GetActiveWindow
FrameRect
GetWindowRgn
SetWindowRgn
SetLayeredWindowAttributes
SystemParametersInfoW
TrackMouseEvent
EqualRect
DrawTextW
LoadCursorW
SetCursor
GetParent
CopyRect
SetRect
ReleaseDC
GetDC
RedrawWindow
LoadBitmapW
AppendMenuW
CreatePopupMenu
ScreenToClient
GetCursorPos
GetClientRect
SetTimer
KillTimer
SetWindowLongW
GetWindowLongW

shell32

ord43
ShellExecuteW
SHGetSpecialFolderPathW
SHGetFileInfoW
SHBrowseForFolderW
SHGetPathFromIDListW
Shell_NotifyIconW
ord165
SHGetSpecialFolderLocation
CommandLineToArgvW
ord701
SHGetDesktopFolder
ord716
SHFileOperationW

ole32

CoTaskMemAlloc
CLSIDFromString
CoTaskMemFree
CoInitializeEx
CoCreateInstance
CoUninitialize
CoInitialize

oleaut32

SysFreeString
SysAllocString
VariantInit
VariantClear

Exports

Exports

MatchMask

Sections

.text
Size: 1016KB - Virtual size: 1016KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 185KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 771KB - Virtual size: 770KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
d87e2dcd2eb9763552645a34218696143fa99ac7b5173dcd04889ce9f5ddf96d.exe
.exe windows:5 windows x86 arch:x86

417c80dfdc5a9cae821cfd89fd8aeffb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\winapps\5.0\Build\QuickSearch\Release\QuickSearch.pdb

Imports

kernel32

GetEnvironmentVariableA
SetUnhandledExceptionFilter
GetCommandLineW
LocalFree
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
GetComputerNameW
SetFilePointer
ReadFile
GetCurrentProcessId
FreeLibrary
GetVersionExW
GetDiskFreeSpaceExW
GetVolumeInformationW
VerifyVersionInfoW
VerSetConditionMask
LocalFileTimeToFileTime
FindNextFileW
FindClose
FindFirstFileW
GetOverlappedResult
ReadDirectoryChangesW
FileTimeToLocalFileTime
CompareFileTime
FileTimeToSystemTime
CreateFileW
WriteFile
OutputDebugStringW
SetEvent
GetSystemTime
GetSystemTimeAsFileTime
SystemTimeToFileTime
GlobalFree
ResumeThread
DuplicateHandle
QueryPerformanceCounter
QueryPerformanceFrequency
lstrcpyW
GlobalUnlock
GlobalLock
GlobalAlloc
CreateMutexW
GetPrivateProfileStringW
GetLogicalDrives
CloseHandle
GetLongPathNameW
WideCharToMultiByte
lstrlenA
InterlockedExchange
lstrlenW
GetTickCount
TerminateThread
WaitForSingleObject
MultiByteToWideChar
LoadLibraryW
GetFullPathNameA
GetLastError
SetLastError
GetVersion
GetModuleFileNameW
Sleep
GetFileAttributesW
GetCurrentThreadId
GetCurrentProcess
GetModuleHandleW
GetProcAddress
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
DeleteFileA
AreFileApisANSI
GetTempPathA
DeleteFileW
GetVersionExA
OutputDebugStringA
GetFileAttributesExW
GetSystemInfo
GetDiskFreeSpaceA
CreateFileMappingA
LoadLibraryA
GetDiskFreeSpaceW
LockFileEx
HeapSize
GetTempPathW
FlushFileBuffers
HeapValidate
HeapCreate
GetFileAttributesA
HeapDestroy
FormatMessageW
FormatMessageA
GetProcessHeap
UnlockFileEx
WaitForSingleObjectEx
LockFile
FlushViewOfFile
UnlockFile
InterlockedCompareExchange
HeapFree
HeapAlloc
SetEndOfFile
TryEnterCriticalSection
HeapCompact
GetFileSize
CreateFileA
HeapReAlloc
GetFullPathNameW
ExpandEnvironmentStringsW

user32

InvalidateRect
GetFocus
IsWindowVisible
GetWindowRect
IsWindow
SendMessageW
GetWindowRgnBox
EnumChildWindows
GetSysColorBrush
TrackPopupMenu
CallWindowProcW
DestroyMenu
DispatchMessageW
TranslateMessage
PeekMessageW
MsgWaitForMultipleObjects
MessageBoxW
InsertMenuW
CreateMenu
GetMenuItemInfoW
UnionRect
GetMenuBarInfo
CheckMenuItem
EnableMenuItem
ModifyMenuW
GetMenuState
SetWindowTextW
InsertMenuItemW
DrawIconEx
GetSysColor
GetCursor
EnableWindow
SetWindowPos
SetActiveWindow
LoadAcceleratorsW
SetCapture
ReleaseCapture
ClientToScreen
FillRect
SetMenuDefaultItem
GetDlgCtrlID
TranslateAcceleratorW
GetMenuItemID
GetMenuItemCount
GetKeyState
IsZoomed
GetWindow
IsIconic
GetSystemMetrics
GetSubMenu
LoadMenuW
LoadIconW
RegisterClipboardFormatW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
UnregisterHotKey
RegisterHotKey
SetPropW
EnumWindows
PostMessageW
GetPropW
wsprintfW
LoadImageW
DestroyIcon
DrawIcon
GetIconInfo
GrayStringW
DrawTextExW
TabbedTextOutW
MonitorFromPoint
GetMonitorInfoW
MonitorFromRect
SetForegroundWindow
GetLayeredWindowAttributes
PtInRect
GetForegroundWindow
SetRectEmpty
IsRectEmpty
OffsetRect
GetActiveWindow
FrameRect
GetWindowRgn
SetWindowRgn
SetLayeredWindowAttributes
SystemParametersInfoW
TrackMouseEvent
EqualRect
DrawTextW
LoadCursorW
SetCursor
GetParent
CopyRect
SetRect
ReleaseDC
GetDC
RedrawWindow
LoadBitmapW
AppendMenuW
CreatePopupMenu
ScreenToClient
GetCursorPos
GetClientRect
SetTimer
KillTimer
SetWindowLongW
GetWindowLongW

ole32

CoTaskMemAlloc
CLSIDFromString
CoTaskMemFree
CoInitializeEx
CoCreateInstance
CoUninitialize
CoInitialize

Exports

Exports

MatchMask

Sections

.text
Size: 1016KB - Virtual size: 1016KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 185KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
dwvhgtd.exe
.exe windows:5 windows x86 arch:x86

3e14c881bae1a3bb325eea058df0a11c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadStringPtrW
SetEndOfFile
LocalCompact
CreateHardLinkA
GetModuleHandleW
EnumResourceTypesA
LoadLibraryW
ReadConsoleInputA
IsBadCodePtr
CreateEventA
GetACP
GlobalUnlock
GetLastError
SetLastError
GetProcAddress
AttachConsole
CreateJobSet
LoadLibraryA
FindResourceA
AddAtomW
GetModuleFileNameA
EnumResourceNamesA
GetFileTime
ReleaseMutex
GetDiskFreeSpaceExW
TerminateJobObject
GetWindowsDirectoryW
CheckRemoteDebuggerPresent
CloseHandle
CreateFileW
FlushFileBuffers
GetStringTypeW
LCMapStringW
LocalAlloc
CreateFileA
WriteConsoleW
SetStdHandle
HeapAlloc
ExitProcess
DecodePointer
GetCommandLineA
HeapSetInformation
GetStartupInfoW
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
TerminateProcess
GetCurrentProcess
HeapFree
WriteFile
GetStdHandle
GetModuleFileNameW
HeapCreate
ReadFile
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
GetCurrentThreadId
InterlockedDecrement
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
Sleep
SetFilePointer
GetConsoleCP
GetConsoleMode
GetCPInfo
GetOEMCP
IsValidCodePage
MultiByteToWideChar
RtlUnwind
HeapSize
HeapReAlloc
RaiseException

user32

GetMessageTime
GetKeyboardLayout
CharUpperBuffA
SetCursorPos
LoadMenuW
GetCaretPos
GetSysColorBrush
GetSystemMetrics

advapi32

ClearEventLogW

ole32

CoUnmarshalHresult

Sections

.text
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 147KB - Virtual size: 28.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
file.exe
.exe windows:5 windows x86 arch:x86

7cfb8286d8c232c7967a74ce74b78e07

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalCompact
CreateHardLinkA
GetModuleHandleW
EnumResourceTypesA
LoadLibraryW
ReadConsoleInputA
IsBadCodePtr
CreateEventA
GetACP
GlobalUnlock
GetLastError
SetLastError
GetProcAddress
AttachConsole
CreateJobSet
LoadLibraryA
LocalAlloc
SetEndOfFile
GetModuleFileNameA
EnumResourceNamesA
GetFileTime
ReleaseMutex
GetDiskFreeSpaceExW
TerminateJobObject
GetWindowsDirectoryW
CheckRemoteDebuggerPresent
CloseHandle
CreateFileW
FlushFileBuffers
GetStringTypeW
LCMapStringW
FindResourceA
IsBadStringPtrW
AddAtomW
CreateFileA
WriteConsoleW
SetStdHandle
HeapAlloc
ExitProcess
DecodePointer
GetCommandLineA
HeapSetInformation
GetStartupInfoW
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
TerminateProcess
GetCurrentProcess
HeapFree
WriteFile
GetStdHandle
GetModuleFileNameW
HeapCreate
ReadFile
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
GetCurrentThreadId
InterlockedDecrement
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
Sleep
SetFilePointer
GetConsoleCP
GetConsoleMode
GetCPInfo
GetOEMCP
IsValidCodePage
MultiByteToWideChar
RtlUnwind
HeapSize
HeapReAlloc
RaiseException

user32

GetMessageTime
GetKeyboardLayout
CharUpperBuffA
SetCursorPos
LoadMenuW
GetCaretPos
GetSysColorBrush
GetSystemMetrics

gdi32

GetCharWidthW

advapi32

ClearEventLogW

ole32

CoUnmarshalHresult

Sections

.text
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 147KB - Virtual size: 28.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
helper.bat
.bat .vbs
setup.exe
.exe windows:1 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

CODE Size: 145KB - Virtual size: 145KB

DATA Size: 10KB - Virtual size: 10KB

BSS Size: - Virtual size: 4KB

.idata Size: 6KB - Virtual size: 5KB

.tls Size: - Virtual size: 8B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 6KB - Virtual size: 6KB

.rsrc Size: 19KB - Virtual size: 19KB

f7da029034c60bf8e581bd25aede6122

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

shell32

shlwapi

ole32

oleaut32

Exports

Exports

Sections

.text Size: 1016KB - Virtual size: 1016KB

.rdata Size: 185KB - Virtual size: 188KB

.data Size: 15KB - Virtual size: 72KB

.rsrc Size: 779KB - Virtual size: 779KB

417c80dfdc5a9cae821cfd89fd8aeffb

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

ole32

Exports

Exports

Sections

.text Size: 1016KB - Virtual size: 1016KB

.rdata Size: 185KB - Virtual size: 188KB

.data Size: 15KB - Virtual size: 72KB

.rsrc Size: 1.0MB - Virtual size: 1.0MB

4f8bf7b275c4aa8b55735ab2c9f76fc4

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

version

kernel32

user32

gdi32

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

Exports

Exports

Sections

.text Size: 1016KB - Virtual size: 1016KB

.rdata Size: 185KB - Virtual size: 188KB

.data Size: 15KB - Virtual size: 72KB

.rsrc Size: 770KB - Virtual size: 770KB

e8e837d2e90b52e232aba88021bc9c99

Headers

DLL Characteristics

File Characteristics

CODE
Size: 145KB - Virtual size: 145KB

DATA
Size: 10KB - Virtual size: 10KB

BSS
Size: - Virtual size: 4KB

.idata
Size: 6KB - Virtual size: 5KB

.tls
Size: - Virtual size: 8B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 19KB - Virtual size: 19KB

.text
Size: 1016KB - Virtual size: 1016KB

.rdata
Size: 185KB - Virtual size: 188KB

.data
Size: 15KB - Virtual size: 72KB

.rsrc
Size: 779KB - Virtual size: 779KB

.text
Size: 1016KB - Virtual size: 1016KB

.rdata
Size: 185KB - Virtual size: 188KB

.data
Size: 15KB - Virtual size: 72KB

.rsrc
Size: 1.0MB - Virtual size: 1.0MB

.text
Size: 1016KB - Virtual size: 1016KB

.rdata
Size: 185KB - Virtual size: 188KB

.data
Size: 15KB - Virtual size: 72KB

.rsrc
Size: 770KB - Virtual size: 770KB

.text
Size: 1016KB - Virtual size: 1016KB

.rdata
Size: 185KB - Virtual size: 188KB

.data
Size: 15KB - Virtual size: 72KB

.rsrc
Size: 767KB - Virtual size: 767KB

.text
Size: 1016KB - Virtual size: 1015KB

.rdata
Size: 185KB - Virtual size: 184KB

.data
Size: 15KB - Virtual size: 69KB

.rsrc
Size: 762KB - Virtual size: 762KB

.reloc
Size: 83KB - Virtual size: 82KB

.text
Size: 1016KB - Virtual size: 1016KB

.rdata
Size: 185KB - Virtual size: 188KB

.data
Size: 15KB - Virtual size: 72KB

.rsrc
Size: 1.1MB - Virtual size: 1.1MB

.text
Size: 1016KB - Virtual size: 1016KB